On Wed, 2012-02-08 at 18:16 -0600, Mike Mestnik wrote: > On 02/08/12 18:07, Russell Coker wrote: > > On Thu, 9 Feb 2012, Stephen Hemminger <shemmin...@vyatta.com> wrote: > >> The advice I heard is trust nothing (even reflash the BIOS). > > Do you know of any real-world exploits that involve replacing the BIOS? > > It's > > been theoretically possible for a long time but I haven't seen any > > references > > to it being done. > Exploits that are theoretically possible are implemented by private 3rd > parties(and Hackers!). > > I've a small collection of utilities I know that I'm the only one who > has a copy, though other tools that work the same way more then likely > exist. > > Also one thing to keep in mind is the apparent competence of the attackers. > > > > If they didn't bother changing debsums then it's unlikely that they did any > > of > > the other tricky things which have been discussed (such as trojaning the > > kernel). > > > A RedHat expert can alter a running Debian kernel, but might miss debsum. > >
Out of curiosity, couldn't one technically boot up a liveCD, mount the drive(s) and then download the .debs individually, then extract them over the mounted partitions, effectively copying over all of the binaries. (Yeah, it'd be a nightmare, and quite frankly would be easier / faster to just re-install with the exported package list. Not to mention I'd trust it more just to re-install.) -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1328760003.1540.5.camel@localhost.localdomain
