NSA Confirms Remote Computer Bricking by BIOS (or UEFI) as a Real Strategy

Dr. Roy Schestowitz

2013-12-16 20:26:07 UTC
Modified: 2013-12-16 20:26:07 UTC

UEFI Forum operated by companies in bed with the NSA

UEFI logo with monopoly

Summary: NSA officials say that bricking a large number of PCs by tinkering with the boot process not just an imaginary plot

THE back doors in Windows are more than evident now, but Linux developers have just rewritten the random number generator, meaning perhaps that the NSA subverted the security of Linux by reducing entropy (e.g. via Red Hat staff, which is making requests for inclusion of NSA code in the core). This is troubling. As Phoronix put it (this debate has been going on for months now), "While /dev/random was made faster and more random in Linux 3.13, in light of the NSA controversies and that Intel/VIA hardware encryption and random generators may not even be trustworthy, there's been a rework in how reseeding happens for the Linux kernel's random component."

We previously pointed out that using back doors the NSA can completely brick hardware, especially if it uses UEFI. Surely that's a good reason to boycott UEFI, no?

Anyway, as part of a CBS puff piece (or propaganda piece where NSA gets the carte blanche and critics do not exist), there was an attempt to brick PCs using BIOS (causing irreversible destruction by sending packets). As the British press put it: "Senior National Security Agency (NSA) officials have told US news magazine program “60 Minutes” that a foreign nation tried to infect computers with a BIOS-based virus that would have enabled them to be remotely destroyed."

We already know, based on a lot of evidence, that the NSA is in every way worse than other such agencies; in fact, there is nothing China or Russia, for example, can be accused of that the NSA/CIA cannot be accused of (not anymore anyway). The accusations from the NSA seem to be directed at China (popular scapegoat for NSA hypocrites as it is the biggest computer manufacturer), but given what we have seen when it comes to chip development at the design level (e.g. backdoor by useless encryption at hardware level), it is the US, especially criminal companies like Intel, that we should be concerned about. The government of the US has been compelling and at times bribing companies for back doors (the bribes come through the CIA though, not the NSA). Google is reportedly moving further away from Intel [1, 2], but will it also abandon the second processor in mobile devices (the Trojan horse that turns mobile phones into non-stop listening devices)?

For those who fail to grasp how criminal and void of ethics the NSA has become, in the next post we shall summarise some of the latest news. Don't believe for a second the popular myth/fiction that China is worse when it comes to surveillance. ⬆

Links 01/10/2023: Climate, Patents, Programming, and More: Links for the day
Apple and Microsoft Problems: half a dozen links
Malware in the Ubuntu Snap Store, Thanks to Canonical Bloatware Mindset: Reprinted with permission from Ryan Farmer
Gemini Rising: There are 3523 capsules
Richard Stallman Gave a Talk Yesterday, Will Give Another Talk Today, and Will Give Two More Talks in Germany Later This Week: Those cover at least 2 different topics
Beware the Microsoft Sharks: We won't forgive and forget
IRC Proceedings: Saturday, September 30, 2023: IRC logs for Saturday, September 30, 2023
Don't be Afraid of the Command Line, It Might Even be a Friend: There's a tendency to think that only graphical interfaces were made to simplify usage, and any declarative interface is by design raw, inherently unfit for usage
One Positive Note About GNU/Linux Coverage in 2023 (Less Microsoft): GNU/Linux users do not want this, with very rare exceptions
Snaps Were Never Good at Security, But the Media Coverage is Just Appalling: The media should focus on culling Windows, not making a huge fuss over minor things wrongly attributed to "Linux"
Better Footage of Richard Stallman's Talk Last Week: “Freedom in computing, forty years after starting to really protect it”: Richard Stallman speaks about the cancer situation early in his speech
Links 30/09/2023: A Government Shutdown and More Blizzard Layoffs: Links for the day
Links 30/09/2023: Bing Almost Offloaded Due to Failure/Losses, Nvidia Raided: Links for the day
A Lot of Technological 'Progress' Has Been Nothing But Buzzwords: Free software does not try to excite people people over nothing
Community is the Lifeblood of Freedom in the GNU/Linux World: Removing or undoing the "cancerd" (systemd) is feasible but increasingly difficult
Proprietary Software: Here Today, Gone Tomorrow: Proprietary software has an entirely different mindset, revolving around business models rather than science
Web Hostnames Down to Lowest Number in More Than 7 Years!: the number of hostnames is falling rapidly (they hide this by choosing logarithmic scale)
Over at Tux Machines...: 2 days' worth
Richard Stallman Says He Will Probably Live Many More Years: "Richard Stallman has cancer. Fortunately it is slow-growing and manageable follicular lymphona, so he will probably live many more years nonetheless. But he now has to be even more careful not to catch Covid-19."
Quitting 'Clown Computing' and GAFAM is Only the Start: The Web and the Net at large became far too centralised
Stop Begging Companies That Don't Value Your Freedom to Stop Pushing You Around: That's not freedom
They Say Free Software is Like Communism When They, the Proprietary Software Giants, Constantly Pursue Government Bailouts (Subsidies From Taxpayers): At the moment Ukraine is at most risk due to its dependence on Microsoft (inside its infrastructure)
Social Control Media Has No Future, It Was Always Doomed to Fail (Also Promoted Based on Lies): Recent events, including developments at Twitter, meant that they lost a lot of their audience and then, in turn, sponsors/advertisers
The forbidden topics: There are forbidden topics in the hacker community
They're Been Trying to 'Kill' Richard Stallman for Years (by Mentally Tormenting Him): Malicious tongue wanted to do him what had been done to Julian Assange
We Temporarily Have Two Gemini Capsules: They're both authentic and secure, but they're not the same
Consumerism is Lying and Revisionism: We need to reject these liars and charlatans
Links 30/09/2023: Open VFS Framework, CrossOver 23.5, Dianne Feinstein Dies: Links for the day
Security Leftovers: GNU/Linux, Microsoft, and more
Microsoft Down on the World Wide Web, Shows Survey: down by a lot in this category
IRC Proceedings: Friday, September 29, 2023: IRC logs for Friday, September 29, 2023
A Society That Fails Journalists Does Not Deserve Journalism: It's probably too later to save Julian Assange as a working publisher (he might never recover from the mental torture), but as a person and a father we can wish and work towards his release
Almost Nothing To Go With Your Morning's Cup Of Coffee: Newspaper? What newspaper?
Techrights Was Right About the Chaff Bots (They Failed to Live up to Their Promise): Those who have been paying attention to news of substance rather than fashionable "tech trends" probably know that GNU/Linux grew a lot this year
Selling Out to Microsoft Makes You Dead Beef: If all goes as well as we've envisioned, Microsoft will get smaller and smaller
Curation and Preservation Work: The winter is coming soon and this means our anniversary is near
Mobile Phones Aren't Your Friend or a Gateway to Truly Social Life: Newer should not always seem more seductive, as novelty is by default questionable and debatable
Links 29/09/2023: Disinformation and Monopolies: Links for the day
iFixit Requests DMCA Exemption…To Figure Out How To Repair McDonald’s Ice Cream Machines: Reprinted with permission from Ryan Farmer
Jim Zemlin Thinks the World's Largest Software Company Has 200 Staff, Many of Whom Not Technical at All: biggest ego in the world
Microsoft GitHub Exposé — In the Alex Graveley Case, His Lawyer, Rick Cofer, Appears to Have Bribed the DA to Keep Graveley (and Others) Out of Prison: Is this how one gets out of prison? Hire the person who bribes the DA?
Richard Stallman's Public Talk in GNU's 40th Anniversary Ceremony: Out now
Links 29/09/2023: Linux Foundation Boasting, QLite FDW 2.4.0 Released: Links for the day
Red Hat Does Not Understand Community and It's Publicly Promoting Microsoft's Gartner: RedHat.com is basically lioning a firm that has long been attacking GNU/Linux in the private and public sectors at the behest of Microsoft
A 'Code of Conduct' Typically Promoted by Criminal Corporations to Protect Crimes From Scrutiny: We saw this in action last week
Objections to binutils CoC: LXO response to proposed Code of Conduct
Conde Nast (Reddit), Which Endlessly Defamed Richard Stallman and Had Paid Salaries to Microsoft-Connected Pedophiles, Says You Must Be Over 18 to See 'Stallman Was Right': Does this get in the way of their Bill Gates-sponsored "Bill Gates says" programme/schedule?
Techrights Extends Wishes of Good Health to Richard M. Stallman: Richard Stallman has cancer
endsoftwarepatents.org Still Going, Some Good News From Canada: a blow to software patents in Canada
The Debian Project Leader said the main thing Debian lacked was more contributors: The Debian Project Leader said the main thing Debian lacked was more contributors
IRC Proceedings: Thursday, September 28, 2023: IRC logs for Thursday, September 28, 2023
Links 28/09/2023: Openwashing and Patent Spam as 'News': Links for the day

NSA Confirms Remote Computer Bricking by BIOS (or UEFI) as a Real Strategy

Recent Techrights' Posts