BadBIOS
   HOME

TheInfoList



Click Here for Items Related To - BadBIOS
OR:
BadBIOS on:   [Wikipedia]   [Google]   [Amazon]

BadBIOS is alleged
malware Malware (a portmanteau of ''malicious software'')Tahir, R. (2018)A study on malware and malware detection techniques . ''International Journal of Education and Management Engineering'', ''8''(2), 20. is any software intentionally designed to caus ...
described by network security researcher Dragos Ruiu in October 2013 with the ability to communicate between instances of itself across air gaps using
ultrasonic Ultrasound is sound with frequencies greater than 20 kilohertz. This frequency is the approximate upper audible limit of human hearing in healthy young adults. The physical principles of acoustic waves apply to any frequency range, includi ...
communication between a computer's speakers and microphone. To date, there have been no proven occurrences of this malware. Ruiu says that the malware is able to infect the
BIOS In computing, BIOS (, ; Basic Input/Output System, also known as the System BIOS, ROM BIOS, BIOS ROM or PC BIOS) is a type of firmware used to provide runtime services for operating systems and programs and to perform hardware initialization d ...
of computers running
Windows Windows is a Product lining, product line of Proprietary software, proprietary graphical user interface, graphical operating systems developed and marketed by Microsoft. It is grouped into families and subfamilies that cater to particular sec ...
,
Mac OS X macOS, previously OS X and originally Mac OS X, is a Unix, Unix-based operating system developed and marketed by Apple Inc., Apple since 2001. It is the current operating system for Apple's Mac (computer), Mac computers. With ...
,
BSD The Berkeley Software Distribution (BSD), also known as Berkeley Unix or BSD Unix, is a discontinued Unix operating system developed and distributed by the Computer Systems Research Group (CSRG) at the University of California, Berkeley, beginni ...
and
Linux Linux ( ) is a family of open source Unix-like operating systems based on the Linux kernel, an kernel (operating system), operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically package manager, pac ...
as well as spread infection over
USB flash drive A flash drive (also thumb drive, memory stick, and pen drive/pendrive) is a data storage device that includes flash memory with an integrated USB interface. A typical USB drive is removable, rewritable, and smaller than an optical disc, and u ...
s. Rob Graham of Errata Security produced a detailed analysis of each element of the descriptions of BadBIOS's capabilities, describing the software as "plausible", whereas Paul Ducklin on the
Sophos Sophos Limited is a British security software and hardware company. It develops and markets managed security services and cybersecurity software and hardware, such as managed detection and response, incident response and endpoint security s ...
Naked Security blog suggested "It's possible, of course, that this is an elaborate hoax". After Ruiu posted data dumps which supposedly demonstrated the existence of the virus, "all signs of maliciousness were found to be normal and expected data". In December 2013 computer scientists Michael Hanspach and Michael Goetz released a paper to the ''
Journal of Communication The ''Journal of Communication'' is a bimonthly peer-reviewed academic journal that publishes articles and book reviews on a broad range of issues in communication theory and research. It was established in 1951 and the current editor-in-chief is ...
'' demonstrating the possibility of an acoustic
mesh networking A mesh network is a local area network network topology, topology in which the infrastructure Node (networking), nodes (i.e. bridges, switches, and other infrastructure devices) connect directly, dynamically and non-hierarchically to as many othe ...
at a slow 20
bits per second In telecommunications and computing, bit rate (bitrate or as a variable ''R'') is the number of bits that are conveyed or processed per unit of time. The bit rate is expressed in the unit bit per second (symbol: bit/s), often in conjunction ...
using a set of speakers and microphones for sonic communication in a fashion similar to BadBIOS's described abilities.


See also

*
Air gap (networking) An air gap, air wall, air gapping or disconnected network is a network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks, such as the public Internet or an ...
* Near sound data transfer *
Van Eck phreaking Van Eck phreaking, also known as Van Eck radiation, is a form of network eavesdropping in which special equipment is used for a side-channel attack on the electromagnetic emissions of electronic devices. While electromagnetic emissions are prese ...


References

Computer viruses {{malware-stub Malware