Lessons learned: with a dynamic and reactive opponent with development resources and ops staff, a focus on static IOCs is an ancient philosophy stuck in the last decade. An attentive opponent will fix them before you can deploy detection.
Ultimately, we need a smoking gun. Smoking guns are *not* difficult to find. It's easy to avoid raising alarms on an automated system. It's quite hard to avoid raising suspicion on a personal computer. It's basically impossible to hide if someone is *looking* for the malware.
To put it another way: if BadBIOS were real and affected hardware I own, and I had strong belief that I was compromised by such a piece of software (or even a hardware implant), I am confident I would be able to gather hard, irrefutable evidence of such within a few days.
The fact that Dragos has not done so, and has not provided any evidence that would qualify as a smoking gun, hypothetically *could* be a sign of an unimaginably, incomprehensibly advanced series of implants and an active attacker... but Occam's razor says he's just seeing things.