Interesting account of folks trying to hack the IFR in a Sony Vaio to enable hidden BIOS features. I suspect we'll see a lot more of this type of thing now that much of the setup data is exposed in a format that can easily be parsed. This reminds me of what happened once ACPI became widespread and the ACPI Machine Language (AML) could be disassembled and modiifed. Some of the early virtualization attacks used the hardware primitives built into AML to subvert OS security. This is less of a risk with HII, since IFR doesn't have hardware primitives and doesn't generally give any more rights to system resources than would already be available to an application that could run pre-OS in UEFI.
Here is the thread about hacking HII: http://forum.notebookreview.com/showthread.php?p=6104265
Monday, April 05, 2010
Subscribe to:
Posts (Atom)
