I was just handed an article on eWeek that discusses some new hardware hacks that were presented at the Black Hat Federal Conference. The eWeek article states:

At the Black Hat Briefings here on Jan. 28, two breakthrough hardware hacks were demonstrated. One shocker was Coseinc Senior Security Researcher Joanna Rutkowska’s demonstration of a way to subvert system memory through software—in essence, the shattering of our long-held belief that “going to hardware” to secure incident response is a security failsafe.

Hardware heresy didn’t stop there. John Heasman from NGSS (Next Generation Security Software) proved that rootkits can persist on a device—on firmware—rather than on disk, and can thus survive a machine being reimaged. Even reformatting won’t save us these days.

These are extremely interesting because it now means that there are ways for hackers to penetrate our systems and either leave no trace, or embed themselves into our hardware so that the system stays “infected” even if re-imaged.

A full copy of the article can be found here.

I’ve also added a link Joanna Rutkowska’s blog. You can find copies of her Black Hat presentation as well as her demonstration videos on her blog, or here:

cheating-hardware-memory-acquisition-updated.ppt

DMA-cheating-demo-bh-fed07.rar

Technorati Tags: Black Hat Federal Conference, Joanna Rutkowska, hardware hacks