this post was submitted on 22 Jul 2024
823 points (100.0% liked)
196
16473 readers
2170 users here now
Be sure to follow the rule before you head out.
Rule: You must post before you leave.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Not easily.
Anti-virus companies--when they do it right--have tightly controlled air-gapped systems that they use to load viruses and test countermeasures. It takes a lot of staff to keep those systems maintained before we even talk about the programming involved, plus making sure some idiot doesn't inadvertently connect those machines to the main building WiFi.
There was at least one confirmed case of a virus spreading through speakers and microphones. What "air-gapped" means is pretty extreme.
If it's possible at all, it'd have to be through significant donations or public funding. A volunteer effort isn't going to cut it.
Well it isn't actually a confirmed case. Ruiu, the original person reporting the issue wasn't sure exactly what the surface area of attack was at the start. Ruiu Dragos, who is a security researcher believed it infected via speakers.
Eventually Errata CEO, Robert Graham, said that if he spent a year, he could build malware that did the same and that it was 'really, really easy'
Eventually, Ruiu noticed that the initial stage of infection was from one of his USB sticks.
The speakers part comes in that he found that the packets transmitted between badBIOS infected machines stopped if he disconnected the internal speaker and microphone.
Meaning, that sure, badBIOS may communicate data with each other via speakers but that it has never been proven that it could actually infect another machine via speakers. However, that hasn't stopped articles from conflating things.
Article doesn't explain how it even coupd spread at all.