Aug 15 03

Kovah, who discovered with his partners a lot of firmware vulnerabilities in Macs  last year has now designed with Trammell Hudson, a security engineer a worm they dubbed Thunderstrike 2 that can spread between MacBooks undetected.

[The attack is] really hard to detect, it’s really hard to get rid of, and it’s really hard to protect against something that’s running inside the firmware

Find out more at BlackHat & DefCon or read an amazing article @wired

written by d45id \\ tags: , , , , , , , ,

Aug 13 06

cachestructOn the European security conference OHM 2013 a security researcher has demonstrated an attack that would allow a hacker to access and modify the Flash Firmware on a hard drive and program it to protect his access.

Firmware is code stored on a special flash-able chip on the drive. The built in code tells the drive how to work, how to read and write data. It is flashable (it can be reprogrammed) so the manufacturer can release updates to the firmware. Most people never re-flash or update their hard drive firmware. Continue reading »

written by d45id \\ tags: , , , , ,

Jul 13 02

DD-WRT_logoToday I tried to upgrade my little WiFi-router (FON2100) to the actual DD-WRT version (v24 preSP2- Build 2128) but it crashed :'(

So I have to make a firmware-recovery. If you interested how it works you can read my short description. Continue reading »

written by d45id \\ tags: , , , , ,

Jan 13 02

An easier way to update the firmware of your Raspberry Pi it to use rpi-update written by Hexxeh.

To install the tool, run the following command:

sudo wget -O /usr/bin/rpi-update && 
sudo chmod +x /usr/bin/rpi-update

If you get errors relating to certificates, then the problem is likely due to one of two things. Either the time is set incorrectly on your Raspberry Pi, which you can fix by simply setting the time using NTP. The other possible issue is that you might not have the ca-certificates package installed, and so GitHub’s SSL certificate isn’t trusted. If you’re on Debian, you can resolve this by typing:

sudo apt-get install ca-certificates

To then update your firmware, simply run the following command:

sudo rpi-update

To upgrade/downgrade to a specific firmware revision, specify it’s Git hash as follows:

rpi-update <git hash> 

If you’d like to set a different GPU/ARM memory split, then define gpu_mem in /boot/config.txt.

written by d45id \\ tags: , , ,