In theory, both accidental and deliberate overwrites were now prevented. Once the firmware had booted up, it enabled various hardware lockout mechanisms so that from OS X, or any other operating system, you couldn’t change anything. The cryptographic key used to verify the digital signature was stored, of course, in the firmware. Digital signaturesĪpple and many other motherboard manufacturers eventually went one step further, and organised things so that the firmware chip could only be updated by code already contained in the firmware.įor additional security (and control), firmware updates would only go ahead if the new firmware version was digitally signed by the motherboard vendor. In other words, only by using special hardware configuration settings could the firmware be updated, which prevented accidental overwrites. (They’re still commonly called “Boot ROMs,” but they are no longer truly read-only.) To fix bugs, you had to extract the chip and replace it with a new one – a troublesome task on a single computer, let alone in an office full of them.įor convenience, therefore, Boot ROMs were ultimately replaced by Flash chips that were usually write-protected, but could be rewritten under controlled conditions. So, Boot ROMs couldn’t be infected with malicious code, which was very handy but they couldn’t be updated or patched, either. In the early days, computer firmware was stored in a special Boot ROM chip – a read-only memory device that was programmed in the factory, plugged into your computer, and remained forever unmodified and unmodifiable. To explain: the firmware is a sort-of hardware-level operating system, stored in a special chip on the motherboard, that prepares your computer for running a regular operating system such as OS X or Windows. The sequel builds on work reported at the start of 2015 that used security holes in the firmware on your Mac to inject malicious code into the very earliest part of the boot process, where it can run long before OS X itself. – Thunderstrike courtesy of Shutterstock –Īnd like your favourite movie sequel, it’s called Thunderstrike 2.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |