The Fight for a Secure Linux BIOS

One reason many people are moving from Windows to Linux is security. People are tired of getting their Windows computers hacked every time they go online. The problem is that the Windows operating system has a Call Home function that is basically an open back door for hackers. But what is the point of having a secure Linux operating system on your computer if it has another program – the BIOS - that still has a Call Home function? In this article, we will explain why BIOS is important and describe the past, present and future of our fight for a secure Linux BIOS.

Note: This article is an update of my previous 2013 book Free Yourself from Microsoft and the NSA which explains the history of the relationship between Microsoft and the NSA and includes the early history of the UEFI BIOS. You can download for free at the following link: https://freeyourselffrommicrosoftandthensa.org/

This report is divided into the following ten sections:

1. Introduction… What is real computer security?

2. Who Am I and Why I am Concerned

3. Past BIOS Options

4. Design Flaws of UEFI

5. Legacy BIOS 2006 to 2012

6. Present UEFI BIOS Monopoly

7. History of UEFI Advanced Persistent Threats

8. Linux BIOS Options

9. Recent Intel Myths

10. Conclusion… How do we get a secure Linux BIOS?

You can also view a video presentation of this article at the following link:

https://www.youtube.com/playlist?list=PLjDc7gDlIASS-sQu73PlQhvGBKMNlOEZN

 

1. Introduction… What is real computer security?
This is what many (and perhaps most) people think that this is all they need to do to have a secure computer:

01

In this article, we will go beyond the bandaid approach and look at what real security requires.

What is BIOS?
BIOS or Basic Input Output System is the program that starts your computer before handing it over to your operating system.

02

NSA Pre-Test… How much do you know about the power of the Dark Side?
Q1: Do you think that the NSA can hack the Windows operating system?
Q2: Do you think the NSA can hack applications like Microsoft Office?
Q3: Do you think the NSA can hack the Intel Management Engine?
Q4: Do you think the NSA places hidden partitions on your hard drive?
Q5: Do you think the NSA has hidden “call home” back doors in the UEFI BIOS?

What is UEFI BIOS?
For more than 20 years, BIOS consisted of a small program that was independent of the operating system. Then, in May 2006, Bill Gates gave a speech announcing a “better” replacement for BIOS called the Unified Extensible Firmware Interface (aka UEFI) – a secret closed source program that was 10 times bigger than the prior BIOS.

UEFI is now a near monopoly BIOS found on all Windows and Apple computers and nearly all Linux computers. Thankfully, in 2007, Google began supporting Coreboot - a free open source alternative to UEFI. Coreboot eventually became the BIOS program for all Chromebooks. Recently, a Linux computer maker called Purism also started using Coreboot BIOS on their computers.

03

Is UEFI BIOS Secure?
We know from the Snowden and Vault 7 documents that the NSA has several back doors into the Windows Operating System since at least 1998. We also know that NSA the has a backdoor into the Intel Management Engine (ME) since 2007 – thanks to an August 2017 Report from PT Security. In this article, we will look at evidence that the NSA has placed back doors in the UEFI BIOS firmware program since 2007.

Why is a Secure BIOS Important?
If a hacker takes over your BIOS, they can control your operating system, applications and all of your documents stored on your computer hard drive.

04

   

2. Who Am I and Why I am Concerned

I have written many articles over the last 8 years explaining why the open back door in UEFI was a security risk. I have repeatedly urged Linux users to seek out computers that use Coreboot or some other open source BIOS program. https://learnlinuxandlibreoffice.org/1-why-switch-to-linux/1-4-uefi-the-microsoft-kill-switch

 

 

In 1985, by a stroke of luck, I started a small outdoor store less than one mile from another startup called Microsoft. So I have used every version of Windows from 1 to 10.

From 1985 to 2004, I also taught courses at Bellevue College which is the closest college to Microsoft. So I had thousands of Microsoft students & customers. I therefore know a great deal about the inside history of the Windows operating system.

In 1990, Tim Berners-Lee developed the World Wide Web and a mark-up language called HTML. At first only text, images and a browser were added in 1993. In 1994, with the help of some friends at Microsoft, I started one of the world’s first online stores, with Product Images, one year before the start of Amazon. Over the next 25 years, in addition to teaching at Bellevue College, I helped more than 100 small businesses start their own online stores. I became very aware of the security concerns of online businesses. Online retail is basically like a war zone. Hacker attacks occur almost every day! I therefore have been studying computer security and website security for more than 25 years.

05

In 2011, I began having serious problems with my Windows 7 computer. Windows Updates would take forever to load. Often Updates would not install at all. I tried every anti-virus program. I tried re-installing the operating system. Nothing helped. I called Microsoft Support. They could not help either.

06

I concluded that my computer had malware that could survive a replacement of my OS and hard drive. I then began studying how hackers could hide “persistent” hacking tools in a small program called the BIOS that starts before the operating system. I also learned that Microsoft installed a new BIOS called UEFI on my laptop without telling me and that UEFI had a “call home” function just like Windows that made UEFI wide open to hacking!

I began playing with Linux and Coreboot. In 2012, after a bad experience with Windows 8, I switched to Linux and Coreboot for good. Since 2012, I have helped thousands of people switch their Chromebook computer to a real Linux computer by reflashing Coreboot. For instructions on how to do this, visit my website LearnLinuxandLibreOffice.org

 

 

    3. Past BIOS Options

In 1970, we loading shoe boxes of punch cards on an IBM 360. It had a massive one Megabyte of Memory. The IBM 360 did not have a separate BIOS. In 1975, the original BIOS was created by Gary Kildall in order to rapidly create an operating system for several different kinds of computers without re-writing the entire operating system.

07

From 1976 to 1981, hobbyists would copy and modify this very simple BIOS program when making their own computers from kits. In 1981, IBM used a copy of BIOS to create their first PC. The IBM BIOS had a file size of only 40Kb. Others copied IBM. This original BIOS is now called Legacy BIOS and by 2005 had a file size of about 4Mb.

In 1999, Intel began a project called EFI to replace the original BIOS. But the project never went anywhere – likely because Intel is a hardware company and not a software company. In 2005, Microsoft and their Prism Partners took over the program and things really got moving.

08

The UEFI security signing mechanism is identical to the Microsoft Windows security signing. I do not mean similar. I mean IDENTICAL. Many sections of UEFI code even begins with the word “win.”

Here is a quote from Bill on May 23, 2006, the day he announced UEFI to the world:

09

https://news.microsoft.com/speeches/bill-gates-winhec-2006/

UEFI version 1.0 in 2006 was not that different from BIOS. In particular, it did not include secure boot. Neither did UEFI version 2.1 which was released on January 7, 2007. So what the heck was Bill Gates talking about in his 2006 speech when he referred to a “new capability”? Could it be that Bill knew something completely different was in the works?

Little did we know then that by “us” Bill was referring to his Prism Partners at the NSA and that by “new capability” Bill meant that the NSA would soon be able to hack into any computer on the planet by hacking into the new back doors they placed in the UEFI BIOS.

Beginning in 2008, just a few months after Microsoft joined the NSA PRISM program, strange things began to happen. The biggest change was with UEFI version 2.2. With UEFI version 2.2, the purpose began to change, the tools began to change and even the code began to change. Suddenly, instead of being merely an update to BIOS, UEFI became a nuclear weapon with the addition of Secure Boot. At the same time, the UEFI manual grew to be nearly 2,200 pages. Who could have done that? Pay no attention to that man behind the curtain (who also happens to be the richest man in the world).

Then UEFI version 2.3 was released in April 2011 – just 6 months before the “developer” release of Windows 8 at a Microsoft Developer conference in September 2011. The Secure Boot certificates were not released until 2012. This seemed to be an attempt to hide the real nature of Secure Boot until the release of Windows 8. In fact, it could have been that the chaos of the Windows 8 introduction was actually planned to hide the introduction of something much worse than Windows 8, namely the UEFI kill switch. Here is a partial diagram of the UEFI Structure.

11

In 2007 to 2008, Microsoft and their Prism Partners, turned UEFI from a simple, harmless hardware initializer into a security nightmare.

 

    4. Design Flaws of UEFI

First UEFI was and developed in secrecy. As security experts have often pointed out, secrecy means a lack of feedback and is therefore a model for failure. Incredibly, there is no way to know what is in the UEFI program or what kinds of bugs have been discovered because all members of the UEFI forum must sign an oath of secrecy. Even UEFI documentation is kept under secure files requiring UEFI passwords to access. This is the exact opposite of how the open source community works – where everyone knows about all bug reports and everyone works together and shares ideas and solutions to fix the bugs.

Second, UEFI is an enormous program with over 7000 files and more than 50 MB of code. There is safety in simplicity. More code simply leads to more ways to attack the system.

Third, UEFI has 'call home” feedback loops which were not present on BIOS and are not present on Core Boot. This is perhaps the worst shortcoming of UEFI. BIOS and Core Boot are almost completely separate from the operating system. Therefore attacks on the operating system rarely if ever affect the start up program. However, because secure boot will not work without a “call home” open back door, UEFI is the first start up program to ever have a call home feedback loop. This feedback loop would make it possible for an attacker who gains access to the Authorized Certificates to rewrite the code on the start up chip much more easily than could be done with either BIOS or Core Boot.

Fourth, the Secure Boot Certificate method has already been shown to be open to attack. Security expert, Bruce Schneier calls the certificate system “completely broken.”

11

Fifth, UEFI uses Microsoft programming languages which use backward slashes for file names. Backward slashes have previously led to easy attacks to the Windows operating system – this same attacks could go directly to the Start up chip due to the “call home” open back doors in UEFI.

Sixth: Secure boot is not secure
Secure boot uses a combination of keys to prevent you from downloading any program Microsoft feels they do not like. The problem is that some of the keys are public and the rest have been hacked in the past – and will be hacked again in the future. So the only one blocked from installing programs to your computer by secure boot is you. Microsoft has left the back door to your computer open since 1997. With Windows 8, they have now also left the front door to your computer open. Secure Boot opens up the Startup program to attack because it uses the same top down easily copied digital image system the Microsoft Windows uses to protect its open back door. The name Secure Boot lulls users into a false sense of security that their computer is secure when it is not.

Seventh: Secure Boot is very difficult for users to disable
Supposedly we have the option of turning off secure boot. The problem is that there are four major “families” of secure boot and every manufacturer has a different implementation. Without any consistency, this means that there are literally dozens of different kinds of secure boot systems.

Eighth: Even if you disable secure boot, UEFI still has huge problems
Secure boot is just the tip of the iceberg in terms of all the problems of UEFI. UEFI specifications are a secret. But what is known about them is that they are thousands of pages long. Subtracting the driver code, the size of UEFI is actually larger than the size of the entire Linux Kernel. What is in all of these thousands of files and lines of UEFI code? Many of the files in UEFI begin with a “win” prefix – meaning that they were written by Microsoft and Microsoft does not want to let us know what is in this code. UEFI is also written with Microsoft back slashes as path separators – just like Microsoft file paths– making it easier for hackers to attack it. Because UEFI is new it is certain to have many bugs and will have unpredictable reactions with many other programs. In particular, most of the new code affects boot loaders such as GRUB 2 and the Windows Boot Manager.

Ninth: There is a safer free option to UEFI called Core Boot
If either Microsoft or computer manufacturers really cared about safety, they would have installed the Core Boot Start up program. It is faster and safer than UEFI. By placing the passwords and control of the computer in the hands of the actual owner (you), there is no set of keys to be copied. A maker of processors, called AMD, now fully supports Core Boot. So manufacturers do have an easy option. Our hope is that if enough people return their Windows 8 computers and demand a computer with Core Boot, we will eventually be able to put this Windows 8/UEFI/Secure Boot Nightmare behind us.

Tenth: Claims that there are advantages to UEFI are false
We have been subjected to a wave of propaganda trying to convince us that UEFI has some kind of benefit. For example, they claim that UEFI can handle partitions bigger than 2 Terabytes. Well, so can Core Boot. Even the old BIOS can as long as they are divided between partitions. If you have more than two terabytes of data, you should not be putting so much data on a single hard drive anyway. You should use a second hard drive if only for safety reasons. You will also hear that UEFI allows you to have a much larger number of partitions. This is also not true. Core Boot has the same partitioning ability as UEFI and even the old BIOS system will let you have as many partitions as you want as long as you use the fourth partition to create an extended partition. You will also be told that Secure Boot protects against Root Kit infections. It does not. Anyone capable of creating a root kit attack is also capable of creating fake keys similar to the process used by the Flame virus. So do not be fooled. The only purpose of UEFI is to maintain and expand the Microsoft monopoly. If you want your system to be safe and under your control, then install and use Linux. If you really want security, then you need to get a computer with Core Boot.

Eleventh: You Can Not Get Rid of UEFI
Unfortunately, it is quite difficult to get rid of UEFI – or replace UEFI with Core Boot because UEFI is not on your hard drive. The only way you can get rid of UEFI is to return the computer to the store where you bought it, demand a refund and demand the option to buy a computer with Core Boot on it. It is also not likely that Windows 8 will work on anything other than UEFI because UEFI and Windows 8/10 were basically made for each other.

 

5. Legacy BIOS 2006 to 2012

The actual transition from Legacy BIOS to UEFI took about 6 years. Below is a 2010 “legacy” BIOS screen where you can change the start up order from your hard drive to a USB drive.

12

Below is a 2011 “Transitional” BIOS screen where you can change the start up order from your hard drive to a USB drive. Note the word “EFI”added to CD/DVD Boot Option. This is the first small step in a Microsoft Strategy called “Embrace, Extend, Extinguish”

13

   

 

 6. Present UEFI BIOS Monopoly

Currently, we can still change the BIOS from UEFI to Legacy.

14

However, in October 2017, Intel announced that they will be eliminating the Legacy BIOS option in January 2020.

WARNING Double Whammy coming in January 2020...
Not only will Intel end support for Legacy BIOS but Microsoft will end support for Windows 7. This will be a problem for folks with less than 4 GB of RAM. A lot of low income, older people and students will find their computers running much slower. What’s the problem with eliminating all other BIOS options in 2020? UEFI is loaded with Problems!

15

The Problem with a UEFI BIOS Monopoly
In June 2013, Edward Snowden provided a Million NSA documents to reporters. Some of these NSA Documents referred to the “Prism Partners Program” that the NSA began with Microsoft, Intel and others in 2007.

16

Another Snowden document, published by Der Spiegel in 2015, was a July 11, 2006 NSA “Persistence Division” job announcement looking for programmers to develop EFI firmware hacking tools beginning in January 2007: “BERSERKR is a persistent backdoor that is implanted into the BIOS and runs from SMM… There is a prototype that Works on Windows 7 but this also needs to work on Windows 2008.”

17

The firmware implant hides from the user on a hidden Partition that cannot be seen or accessed by the user but which can be activated by a secret “hook” or custom command. http://www.spiegel.de/media/media-35661.pdf

The following image is from a 2007 NSA Slideshow supplied by Snowden and made public by the Intercept on January 24 2019. The NSA and its Sub-contractors have at least 100,000 hackers. Many of these are in TAO or Tailored Access Operations. TAO has 6 Divisions. One of these Divisions is called “Access Tech & Operations.”
https://theintercept.com/document/2019/01/24/tailored-access-operations-2007/

18

This is slide 7 which describes the mission of the Persistence Division (mis-spelled) which is part of the Access Tech Division. Note the emphasis on remote access to Firmware and working with their “community partners” aka Microsoft and Intel.

19

NSA Persistence Division + MS + INTEL = UEFI
Another January 2007 NSA document referred to Supply Chain attacks using “Sierra Mist” which is a hidden partition on nearly all hard drives used to compromise “Firmware BIOS”. The code is for Windows OS and is written in C++.

20

Recall that in 2007 Microsoft and Intel created more than 500 UEFI modules including more than 100 Modules connected to the Intel SMM (System Management Mode). This is clear evidence that Microsoft and Intel were working directly with the NSA in 2007 to create UEFI as “a new mechanism to achieve persistence.”

The Difference Between a Computer Virus and an APT Rootkit
Most computer users tend to worry about their computer picking up viruses or hacking programs when they go online. Users add “anti-virus” software to their computers to help protect against these viruses. Operating system “updates” are also used to protect against viruses. However, since about 2007 and thanks to cyber weapons created by the NSA, computers are now subjected to much more harmful attacks – attacks that can take over or wipe out your entire computer.

21

These new attacks are all Advanced Persistent Threat or APT attacks. An Advanced Persistent Threat Rootkit is malware hidden in the BIOS (UEFI) or CPU (Intel ME). APT Rootkits can survive cleaning, updating or replacing the hard drive or the kernel or the operating system.

 

 

    7. History of UEFI Advanced Persistent Threats

The evolution of UEFI Advanced Persistent Threats has been very complex and is still evolving. It parallels the growth of the NSA and the Deep State. It started with the creation of UEFI and the Intel Management Engine in 2007. But it is still going on as can be seen by the March 2019 disclosure of Shadow Hammer – the latest NSA UEFI hacking tool. Below is a brief history of the UEFI Advanced Persistent Threats.

2007 NSA Launches Cyber War Against Iran called Olympic Games
The first public report on the NSA Cyber Warfare program was in a NY Times Jan 10 2009 article by David Sanger. The article stated that in the previous 15 months: “President Bush authorized new covert action intended to sabotage Iran’s suspected effort to develop nuclear weapons.”

https://www.nytimes.com/2009/01/11/washington/11iran.html?scp=1&sq=january%202009%20sanger%20bush%20natanz&st=cse

22

David Sanger then wrote a 2012 June NY Times article, and a 2012 book called Confront and Conceal, revealing that NSA and CIA officials, including James Cartwright met with President Bush in 2006 with a plan to launch a cyber warfare attack on Iran. This cyber warfare attack became known as Operation Olympic Games in January 2007 – the same month that UEFI version 2.1 was released with the SMM backdoor and the same year that Intel processors were developed with the Management Engine (ME) backdoor.

There were two versions of the Stuxnet virus – an early version which Kaspersky referred to as Fanny was launched in November 2007 while Bush was still President and a much more powerful version of Stuxnet was launched in early 2009 while Obama was President.

In February 2015, Kaspersky released a 44 page report on the Equation group – which we now know was the NSA- including about a dozen cyber weapons developed and used between 2007 to 2013. “There is one aspect of the EQUATION group’s attack technologies that exceeds anything we have ever seen before. This is the ability to infect the hard drive firmware.” https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/08064459/Equation_group_questions_and_answers.pdf

While the hard drive firmware is different from the UEFI firmware, it is true that the UEFI firmware starts first and therefore can over-ride the hard drive firmware in addition to the boot loader and operating system. Can the existence of hidden code on UEFI be the reason that the file size of UEFI grew by a factor of 10 between 2006 to 2008? How else can these cyber weapons survive not only replacing the operating system, but even replacing the hard drive? According to Kaspersky, several other “Equation Group” cyber weapons date back to 2007 including a weapon called Duqu was compiled from a device running a Windows operating system on August 31, 2007.
https://securityaffairs.co/wordpress/1129/cyber-crime/stuxnet-duqu-and-the-sons-of-the-tilded-platform.html

2009 Stuxnet 2 is approved by Obama
The more powerful version of Stuxnet began on December 24, 2008 with the registration of the domain name for one of its Command and Control servers. However, by the time Mr. Bush left office, in January 2009 no wholesale destruction had been accomplished. Meeting with Mr. Obama in the White House days before his inauguration, Mr. Bush urged him to preserve Olympic Games. Mr. Obama took Mr. Bush’s advice. The 2009 version of Stuxnet could not only be spread by USB but also by networks with the first infection of this new version occurring on June 23, 2009 according to Stuxnet log files uncovered later by Kaspersky.

23

Just a few months earlier, in March 2009, researchers Alfredo Ortega and Anibal Sacco published details of a BIOS-level Windows rootkit that was able to survive disk replacement and operating system re-installation.

In 2009 July Microsoft released Windows Server 2008 R2 with full support for UEFI. This was the beginning of the forced shift from legacy BIOS to UEFI.

2010 The NSA Cyber War on Iran Escapes into the Wild – causing havoc all around the world
Despite spending billions of dollars on cyber warfare weapons aimed at the Siemans PLC systems used in Iran, the NSA was only able to slow down Iranian nuclear production by a couple of months. Instead of producing less nuclear fuel, Iran was soon increasing production. But even worse, beginning in late 2009, Stuxnet, Duqu, Flame and other NSA cyber weapons began to spread first to the Siemens PLC systems that controlled Iranian Oil Rigs and then to oil rigs all around the world. One of these oil rigs that used Siemens PLC systems was the Deep Water Horizon which begins to see drilling control computers crashing and Microsoft Blue Screens of Death in January 2010. On April 20, 2010, some combination of NSA hacking tools was at least partially responsible for the Deep Water Horizon Disaster. Total financial damage was more than $100 billion and the damage to the Gulf was beyond calculation.

According to the Deep Water Horizon Chief Electronics Technician Michael "Mike" Williams, five weeks before the April 20 explosion, in March 2010 he had been called to “check a computer system that monitored and controlled drilling.” Williams was in charge of all of the Deep Water Horizon’s computer systems.

In a sworn deposition from a hearing on July 23, 2010, Mr. Williams went into great detail describing the “persistent” problems the Windows computers on the doomed oil rig were having. You can download this entire report at the following link: http://techrights.org/wp-content/uploads/2010/10/deepwater_horizon_inquiry_7-23-10.pdf

On page 42 of the report, Mr. Williams states how long their computer problems had been going on: “For three to four months we’ve had problems with this computer simply locking up. We even coined a term, the blue screen of death, because it would just turn to a blue screen. You would have no data coming through … We had ordered replacement hard drives from the manufacturer… Between the manufacturer and the rig, they could not get the bugs worked out. Our sister rig, the NAUTILUS, was going through those growing pains kind of for us. We had already ordered all the equipment. We were just waiting on them to figure it all out so that we could copy their learnings and make it work on our rig… Meanwhile, we were limping along with what we had. We had ordered new hard drives. They came in. We replaced the images on the hard drives for the software imaging, got them back running, the chair would run for two, three days, and they would crash again…He was still working towards that up until the time of the explosion. It had not been resolved. The hard drives were replaced the week before the explosion. But the crashes kept occurring.”

It should be clear by now that what the NSA called “Persistence” that survives replacing the hard drive and replacing the operating system has deadly consequences for our entire planet.

2010 June Researchers “Discover” Stuxnet
On June 17, 2010, Sergey Ulasen was in his office in Belarus sifting through e-mail when a report caught his eye. A computer belonging to a customer in Iran was caught in a reboot loop — shutting down and restarting repeatedly despite efforts by operators to take control of it.

A total of five organizations in Iran were hit repeatedly in separate infections in June and July 2009 and again in March, April and May 2010. But due to the zero-day exploits in it, Stuxnet spread beyond these organizations, leaving a constellation of infections in its wake. https://www.wired.com/2011/07/how-digital-detectives-deciphered-stuxnet/

The security researchers notified Microsoft immediately, but Microsoft did nothing to fix the security flaw. After 2 weeks of waiting, on July 12, 2010, Sergey Ulasen posted an announcement about the security problem.

On July 12 2010, VirusBlokAda went public with the discovery in a post to a security forum.

In July 2010 Siemens stated that they had assembled a team to deal with the problem. But instead, they also did nothing for several months.

On August 6, 2010, Symantec published a blog post saying that Stuxnet was a targeted attack aimed at hijacking the Programmable Logic Controller in a Siemens control system by injecting malicious code. Each time Stuxnet infected a system, it “phoned home” to one of two domains — www.mypremierfutbol.com and www.todaysfutbol.com hosted on servers in Malaysia and Denmark — to report information about the infected machines. The command-and-control servers let the attackers update Stuxnet on infected machines with new functionality or even install more malicious files on systems intended to sabotage the PLCs. Within a week of establishing the sinkhole, about 38,000 infected machines were reporting in from dozens of countries. Before long, the number would surpass 100,000. https://www.symantec.com/connect/blogs/stuxnet-introduces-first-known-rootkit-scada-devices

2010 August It fell to crucial players in Olympic Games — General Cartwright and Michael J. Morell, the deputy director of the C.I.A. — to break the news to Mr. Obama and Mr. Biden. At a White House meeting, after being told that Stuxnet had escaped into the wild, and that security researchers were starting to write articles about it, Obama asked “Should we shut this thing down?” Obama decided to continue the attacks.

2010 September 23 Kaspersky issued their first report on Stuxnet calling it the world’s first cyber warfare weapon. https://www.kaspersky.com/about/press-releases/2010_kaspersky-lab-provides-its-insights-on-stuxnet-worm

2010 October Microsoft released a record number of software patches aimed at countering the Stuxnet "worm" attacking industrial networks.

2010 November F Secure publishes first detailed analysis of Stuxnet noting that the start date for one version was January 2009 but was not discovered by researchers until June 2010. https://www.f-secure.com/weblog/archives/00002040.html

2011 October The Laboratory of Cryptography and System Security discovered an NSA weapon called Duqu. They issued a 60 page report comparing Duqu to Stuxnet. They noted that both Stuxnet and Duqu used valid digital certificates to bypass Microsoft security. The Duqu certificate was issued on August 3 2009. These are the only two viruses thus far to have valid digital certificates. While Stuxnet is 1.2 MB, Duqu is only 0.4 MB. Both cyber weapons use the same Dynamically Linked Library (DLL) functions. Duqu files date from April 14 2008. Both viruses have the ability to remotely update themselves from NSA Command and Control servers. The Duqu infection method uses a Microsoft Word document with hacking code hidden in the type face. Duqu also hides malware in a JPEG image. https://www.crysys.hu/publications/files/bencsathPBF11duqu.pdf

2011 October to December Kaspersky releases a series of seven reports on Duqu linking it to Stuxnet
https://securelist.com/duqu-faq-33/32463/

The driver loaded by the exploit into the kernel of the system had a compilation date of August 31, 2007. The analogous driver found in the dropper from CrySyS was dated February 21, 2008. Every single Duqu targeted attack used a separate C&C server. There have been more than a dozen Duqu command and control servers active during the past three years. Many different servers were hacked all around the world, in Vietnam, India, Germany, Singapore, Switzerland, the UK, the Netherlands, Belgium, South Korea to name but a few locations. These Duqu C&C were never used as true C&C – instead they were used as proxies to redirect traffic to the real C&C, whose location remains unknown.

24

December 28 2011 Cory Doctorow The War Against Your Personal Computer
“Our computers are becoming some combination of rootkits and spyware...Manipulated by traitors and spies working for criminals and control freaks... This is the opposite of computer freedom. This is computer slavery.”

In May 2012 Kaspersky released a report on the Flame Virus linking it to Stuxnet and Duqu
Flame had been created by the summer of 2008. Flame is a sophisticated attack toolkit, which is a lot more complex than Duqu or Stuxnet. Flame uses the Windows Automatic Update system to infect computers. It is a backdoor allowing it to replicate in a local network and on removable media if it is commanded so by its master.

https://securelist.com/the-flame-questions-and-answers-51/34344/

25

Flame can easily spread to other systems over a local network or via memory stick. Is able to record audio- through Skype or MSN, can take screenshots, is sensible on a keyboard activity. Basically is collecting the information and then sends it on a command station.

26

The Flame malware is a large attack toolkit made up of more than 20 modules. One of the main modules was named Flame – it’s the module responsible for attacking and infecting additional machines.

27

Flame is a huge package of modules comprising almost 20 MB in size. A network of 80 Command and Control servers across Asia, Europe and North America has been used to access the infected machines remotely.

Flame used a counterfeit Microsoft security certificates to verify its trustworthiness. Faking credentials from Microsoft would give the malware far more credibility than using certificates from other vendors, as would hiding updates in Windows Update.
https://www.f-secure.com/weblog/archives/00002377.html

Flame used two certificates issued by Microsoft Root Authority and one by Microsoft Root Certificate Authority. One of these certificates does not expire until 2016 and another does not expire until 2017. Thus, these certificates were valid for 5 to 6 years when the average certificate does not last for more than one year. This indicates that Microsoft may have worked with the NSA in issuing these very special certificates.

Here is what both Flame and Stuxnet did. First, they would attempt to connect to two valid websites to establish an internet connection. These sites were windowsupdate.com and msn.com. They would then connect to the malicious site futbol.com.

In September 2012, security researchers discovered security shortcomings in UEFI that create a means to infect the Windows operating system with rootkit malware. Italian security consultants ITSEC discovered the security hole following an analysis of the Unified Extensible Firmware Interface (UEFI). Mark Giuliani, the Director of ITSEC told El Reg. “Writing a rootkit couldn't be an easier task for virus writers with the UEFI framework available, much easier than before with BIOS when they needed to code in pure assembly. Marco Giuliani,Director of ITSEC, Hacking UEFI... New Vicious UEFI rootkit vulnerability found for Windows 8
https://www.theregister.co.uk/2012/09/19/win8_rootkit/

Linus Torvalds, the founder of the Linux project is also not impressed with UEFI. “The real problem, I feel, is that clever hackers will bypass the whole (UEFI) key issue either by getting a key of their own (how many of those private keys have stayed really private again? Oh, that’s right, pretty much none of them) or they’ll just take advantage of security bugs in signed software to bypass it without a key at all.” Linus Torvalds on Windows 8, UEFI and Fedora June 10, 2012

2012 August Kaspersky releases 50 page report on Gauss linking it to Flame, Stuxnet, and Duqu
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/20134940/kaspersky-lab-gauss.pdf

28

Here are some of the Gauss Command & Control Servers

29

These are top level domains meaning that there may be hundreds of sub-domains. While many domains are now hosted overseas, many were previously hosted on US servers. Flame uses more than 100 domains and more than 20 fake identities. Registration dates go back to January 2011 but code dates in Flame go all the way back to 2007. Gauss has encrypted its payload making it harder to analyze.

October 2012 With the release of Windows 8, Microsoft's certification requirements now require that computers include firmware that implements the UEFI specification.

2013 June Edward Snowden releases one million NSA documents confirming that the NSA spends $52 billion per year on offensive cyber weapons. (Computer Network Operations – Genie). TAO changed its name to Computer Network Operations. At 10,000 paid hackers per billion dollars, this implies that the NSA has more than 100,000 “fusion agents.”

2013 September I publish Free Yourself From Microsoft and the NSA summarizing UEFI problems and the connection between MS and the NSA. To get a free copy of this book, visit this link:
https://freeyourselffrommicrosoftandthensa.org/

30

In February 2015 Kaspersky releases 44 page report on NSA Equation Group summarizing their hacking tools over the past 10 years.
https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/08064459/Equation_group_questions_and_answers.pdf

90% of the servers used by Equation were shut down in 2014, which could indicate a reaction to the huge trove of leaks from Edward Snowden about the NSA in 2013. The biggest mistake made by the Equation group was its failure to renew up to 20 of its 300 Command & Control servers. Kaspersky quickly registered these domains and over the last 10 months used them to sinkhole (redirect) communications with Equation-infected machines.

31

The report described several NSA cyber weapons including Triple Fantasy, Fanny (a 2008 predecessor to Stuxnet), Stuxnet, Duqu, Flame and Gauss as well as Equation Drug and Gray Fish that compromise hard drive firmware.

The researchers uncovered two versions of the flasher module: one that appears to have been compiled in 2010 and is used with EquationDrug and one with a 2013 compilation date that is used with GrayFish. Hard drive disks have a controller, essentially a mini-computer, that includes a memory chip or flash ROM where the firmware code for operating the hard drive resides. When a machine is infected with EquationDrug or GrayFish, the firmware flasher module gets deposited onto the system and reaches out to a command server to obtain payload code that it then flashes to the firmware, replacing the existing firmware with a malicious one.

The Trojanized firmware lets attackers stay on the system even through software updates. If a victim, thinking his or her computer is infected, wipes the computer's operating system and reinstalls it to eliminate any malicious code, the malicious firmware code remains untouched. It can then reach out to the command server to restore all of the other malicious components that got wiped from the system. The ROM chip that contains the firmware includes a small amount of storage that goes unused. If the ROM chip is 2 megabytes, the firmware might take up just 1.5 megabytes, leaving half a megabyte of unused space that can be employed for hiding data the attackers want to steal.

The flash chip where the firmware resides is too small for large amounts of data. So the attackers would need a bigger hidden space for storage. Luckily for them, it exists. There are large sectors in the service area of the hard drive disk that are also unused and could be commandeered to store a large cache of documents, even ones that might have been deleted from other parts of the computer. This service area, also called the reserved are or system area, stores the firmware and other data needed to operate drives, but it also contains large portions of unused space

"The idea would be to modify the firmware of a particular hard drive so that it normally only recognizes, say, half of its available space. It would report this size back to the operating system and not provide any way to access the additional space."

A Kaspersky spokesman said "There is zero chance that someone could rewrite the [hard drive] operating system using public information." indicating that the NSA was given the sensitive code by hard drive manufacturers.

Only one partition of the drive would be visible on the partition table, leaving the other partitions—where the hidden data was stored—invisible and inaccessible.The modified firmware would have a special hook embedded in it that would unlock this hidden storage space only after a custom command was sent to the drive and the computer was rebooted
http://www.spiegel.de/media/media-35661.pdf

June 11, 2015 Universal UEFI hacking tool released
A research report developed a system for hacking millions of Windows computers. See How Many Million BIOSes Would You Like to Infect

http://legbacore.com/Research_files/HowManyMillionBIOSesWouldYouLikeToInfect_Whitepaper_v1.pdf

32

2015 July Spyware Firm Hacking Team was hacked exposing more than 400GB of hacking tools including a UEFI rootkit called Galileo to keep Remote Control Systems installed on target systems.
Hacking Team charged more than 35 repressive governments a total of more than 40 million dollars to help their dictators spy on and arrest political opponents using the UEFI backdoor. The UEFI hacks had been used since at least 2012. Top clients were Mexico, Italy, Morocco, Saudi Arabia, Chile, Hungary, Malaysia and many others.

https://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-uses-uefi-bios-rootkit-to-keep-rcs-9-agent-in-target-systems/

33

The UEFI malware made sure that Windows was always infected. If you’re a target of a Hacking Team customer, even formatting your disk and re-installing Windows would not remove the malware. As soon as you reboot, the malicious BIOS firmware would re-infect the freshly installed Windows with the same malware again.

2016 March Petya Ransomware attack uses NSA Eternal Blue with propagation via infected email PDF attachments.

2016 July Think Pwn: Lenovo Think Pad System Management Mode arbitrary code execution 0-day exploit.
Lenovo released advisory for this vulnerability, they claims that vulnerable code written by Intel was received from 3rd party IBV (Independent BIOS Vendor). Now we can say for sure that products from other OEM's also has this vulnerability. https://support.lenovo.com/my/en/solutions/LEN-8324

An attacker exploiting the vulnerability will gain privileges that will allow them to run arbitrary code in System Management mode on Windows 10 machines. Lenovo responded that its investigation is ongoing and that the vulnerable System Management Mode code was written by Intel and came to Lenovo from one of its BIOS vendors; these suppliers take original chip code from Intel and AMD and customize them to work with specific computers.

“The package of code with the SMM vulnerability was developed on top of a common code base provided to the IBV by Intel. Importantly, because Lenovo did not develop the vulnerable SMM code and is still in the process of determining the identity of the original author, it does not know its originally intended purpose,” Lenovo said in its statement. “But, as part of the ongoing investigation, Lenovo is engaging all of its IBVs as well as Intel to identify or rule out any additional instances of the vulnerability’s presence in the BIOS provided to Lenovo by other IBVs, as well as the original purpose of the vulnerable code.”

https://threatpost.com/scope-of-thinkpwn-uefi-zero-day-expands/119027/

Such attacks against SMM are not new: two other occurrences were presented at the Black Hat conference in 2008 and 2015.

June 2016 Microsoft Hands Golden Key over to Hackers
As if the insanity of handing the keys to our computers over to Microsoft was not bad enough, in June 2016, two computer security researchers discovered that Microsoft was doing some rather reckless things with these Golden Keys. Microsoft developers wanted to make changes to certain devices without going through the hassle of getting authorized keys to Secure Boot. So they developed a secret “super policy” for bypassing Secure Boot completely. Had this Golden Key “super policy” been discovered by hackers it would have given them unlimited access to nearly every computer in the world. The only good news to this story is that this backdoor nuclear weapon was discovered by “Good Guy” researchers before it was discovered by Bad Guy hackers.

https://www.infoworld.com/article/3106079/security/secure-boot-proves-insecurity-of-backdoors.html

After the researchers notified Microsoft of the issue, the company released a security patch MS16-094 in July 2016. This “golden key” super policy is now blocked from loading on computers with the July patch installed. However, the July patch is not a complete fix -- it's at most a small roadblock. The issue remains only partially addressed, and what's worse, it is believed that it is impossible for Microsoft to fully revoke the leaked Golden Key Super policy.

34

Because of the implications of this Golden Key Backdoor being released to the wild, the two researchers wrote a letter to the FBI explaining why the entire concept of having super keys to all computers was a bad idea:

“Microsoft implemented a 'secure golden key' system. And the golden keys got released by Microsoft's own stupidity. Now, what happens if you tell everyone to make a 'secure golden key' system? This is a perfect real-world example about why your idea of back dooring crypto systems with a 'golden key' is very bad!”

The first lesson we should learn from the 2016 Golden Key incident is that keys and secrets will eventually get leaked or stolen. The second lesson is that a fix is not always possible.

Extreme Tech reviewed this incident and concluded: “One small leak is all it takes to let the cat out of the bag — and thanks to the Internet, there’s no way to prevent such information from spreading. Security that depend on human perfection to lock down content will always fail, because humans aren’t perfect. Episodes like this will never stop happening — which means we need to stop looking towards hypothetical golden keys as solutions to real-world problems.”

If we really want to protect our computers, we need to only use computers that do not use UEFI, Secure Boot and Golden Keys in the first place.

October 31 2016 Shadow Brokers publishes a list of servers in 49 countries that had been hacked by the NSA.
The list contained 306 domain names and 352 IP addresses that the NSA/CIA used as Command and Control Servers.

https://thehackernews.com/2016/10/nsa-shadow-brokers-hacking.html

35

January 10, 2017 I publish an 87 page report called Hack Everything exposing the NSA Role in the Hacking of the 2016 US Election

36

My report included analysis of 800 IP addresses supplied by the NSA in December 2016 as “proof” that the Russians hacked the 2016 US Election. I showed that all of these IP addresses fell into one of three categories:

#1: Public IP addresses (such as libraries and schools) in countries around the world
#2: TOR exit nodes being attacked by the NSA
#3: Fake Hosting Companies run as shell corporations by the NSA often pretending to be in foreign countries but in fact being registered as corporations here in the US. https://turningpointnews.org/phocadownload/Hack%20EverythingA%20Detailed%20Timeline%20of%20the%20DNC%20Hack.pdf

Later in this report, we will provide an April 23, 2019 example where Shadow Hammer also used a fake “Chinese” web host – a corporation registered in the US with servers actually located in Los Angeles.

 

2017 March 7 Wikileaks releases Vault 7 exposing 8,700 CIA – NSA hacking tools.

These Vault 7 hacking tools were made with 700 million lines of code times an estimated cost of $100 per line equals $70 billion dollars in tax payer funds paid for hacking costs – just for the NSA hacking software. Among the 8,700 NSA/CIA tools were UEFI hacking tools.

37

2017 March 31 Wikileaks publishes Marble Framework NSA hacking computers and mislead victims of NSA hacking attacks by leaving “Russian Finger Prints.”
Wikileaks published 676 additional NSA Vault 7 Hacking Tools. Significantly, these Vault 7 hacking tools included tools for misleading victims and researchers into thinking that NSA hacks were Russian or Chinese when in fact the attacks were written by and coming from the NSA.

38

The CIA's Marble Framework tool includes a variety of different foreign language text intentionally inserted into the malware source code to fool security analysts and falsely attribute attacks to the wrong nation. The leaked files indicate that the Marble's source code includes Chinese, Russian, Korean, Arabic and Farsi languages. Here is an NSA Quote describing the purpose of the Marble Framework: “The Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools. When signaturing tools, string obfuscation algorithms (especially those that are unique) are often used to link malware to a specific developer or development shop. This framework is intended to help us (AED) to improve upon our current process for string/data obfuscation in our tools. The framework utilizes pre and post-build execution steps to apply obfuscation to the tool.”
https://wikileaks.org/ciav7p1/cms/page_14588467.html

April 2017 UEFI Ransomware Video

https://www.youtube.com/watch?v=xYrcaa1fSXA&t=130s

Here is what your screen looks like at the end of this 5 minute video:

39

At the BlackHat Asia 2017 security conference, researchers from cyber-security firm Cylance disclosed two more vulnerabilities which allow an attacker to write malicious content to the UEFI firmware.They installed a UEFI ransomware, preventing the devices from booting. They noted the same flaws can be used to plant rootkits that allow attackers to persist malware for years.

An attacker can exploit both flaws to execute code in the System Management Mode (SMM) and plant malicious code in the firmware itself. A vulnerable SMI handler allows the attacker to execute code in SMM mode where he finally can bypass any write protection mechanisms and install a backdoor into the system's firmware.

2017 April 14 Shadow Brokers released 300 MB of NSA TAO hacking tools including the Eternal Blue “point and click” remote controlled backdoor (later used in the WannaCry Ransomware attack as well as the Not Petya and Bad Rabbit attacks. "It is by far the most powerful cache of exploits ever released," Matthew Hickey, a security expert and co-founder of Hacker House, told Ars. "It is very significant as it effectively puts cyber weapons in the hands of anyone who downloads it."

2017 May Wanna Cry Ransomware attack strikes Windows computers and networks around the world using Eternal Blue causing about $6 billion in damage.

June 27 2017 June Not Petya Supply Chain attack loaded via remote update system becomes world’s most costly hack with more than 10 billion dollars in damages. The attack spread in part using a remote controlled software update from an accounting program – indicating that the server issuing the update had been compromised.

The "NotPetya" cyber weapon used an NSA hacking tool called uses EternalBlue that was leaked in April 2017 by Shadow Brokers and then used in May 2017 in the Wanna Cry Ransomware attacks.

According to an update seen in Motherboard, German e-mail provider Posteo has shut down the e-mail address that victims were supposed to use to contact blackmailers and send bitcoins, and from which they would receive decryption keys. With the e-mail address blocked, victims won’t be able to pay the criminals or get their files back.

Mikko Hypponen, chief research officer at Finnish infosec firm F-Secure, told El Reg: "I believe that NotPetya was the single most expensive computer security incident in history. I believe it created bigger losses than any malware outbreak ever, or any hacking incident ever, or any data leak ever. It was historic."

2017 August CCleaner Shadow Pad “Supply Chain” attack is loaded via a remote update system to more than 2 million computers – including ASUS.

Months later on August 2, the attackers began contaminating CCleaner downloads.  The attackers first installed malware called ShadowPad, sort of customizable malware platform that can be used for an assortment of attacks. One of the companies infected by the Ccleaner attack was Asus – which was then used for an even worse attack one year later. https://www.kaspersky.com/about/press-releases/2017_shadowpad-how-attackers-hide-backdoor-in-software-used-by-hundreds-of-large-companies-around-the-world

The attackers behind this malware have already registered the domains covering July to December 2017, which indirectly confirms alleged start date of the attack as around mid July 2017. These were some of the domain names used by the hackers: ribotqtonut[.]com, nylalobghyhirgh[.]com, jkvmdmjyfcvkf[.]com, bafyvoruzgjitwr[.]com, xmponmzmxkxkh[.]com, tczafklirkl[.]com, notped[.]com, dnsgogle[.]com, operatingbox[.]com, paniesx[.]com, techniciantext[.]com

operatingbox.com was registered on GoDaddy in November 2017

2017 August PT Security Reverse Engineered the Intel CPU Management Engine and discovered it contained an NSA High Assurance Platform (HAP) Backdoor which they were able to use to disable the Intel Management Engine in the same way that the NSA was able to disable the Intel ME.

A team of researchers from Positive Technologies discovered an undocumented configuration setting, designed for use by government agencies, to disable Intel Management Engine. The NSA wanted to ensure the agency could close off any possible security risk by disabling Intel ME.
http://blog.ptsecurity.com/2017/08/disabling-intel-me.html

ME allows for remote access and control of machines where it is up and running, and can automatically download and update firmware for the CPU and subsystems on the motherboard. The NSA ME key was labeled High Assurance Platform which is an NSA “Fusion” group.

Although it is not possible to entirely disable ME, hackers can still compromise devices in an undocumented mode called High Assurance Platform (HAP). The experts discovered a special HAP bit, which after being installed allows disabling Intel ME at an early stage of booting.

December 2017, Positive Technologies experts Mark Ermolov and Maxim Goryachy gave a presentation at Black Hat Europe about a vulnerability in Intel Management Engine, which allows intruders to access most of the data and processes on a computer.
https://www.blackhat.com/docs/eu-17/materials/eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine.pdf

Here is one of the 73 slides from this presentation:

40

The name High Assurance Platform belongs to a trusted platform program linked to the U.S. National Security Agency (NSA). Presentation with program description is available online here:

http://fm.csl.sri.com/LAW/2009/dobry-law09-HAP-Challenges.pdf

HAP is basically the “fusion” of government and commercial technologies such as the Intel processor core “security features”:

 

 

41

 

2017 October Intel announces they will remove the Compatibility Support Module (CSM) from UEFI eliminating Legacy BIOS as a firmware option in January 2020.

How to Disable the Intel Management Engine on your Linux computer
You can use a tool called ME Cleaner to reduce the Intel Management Engine to the bare minimum. The process is complex.

42

This is the link to github repository for me_cleaner : https://github.com/corna/me_cleaner If your computer doesn't start, restore the original firmware by running the following code in the terminal: ./flashrom -p linux_spi:dev=/dev/spidev0.0,spispeed=10000 -c CHIP MODEL -w original_dump.bin

April 2018 20 Year Old Hacker Shows How to Hack UEFI
In this video a 20 year old hacker explains how to hack UEFI in 13 minutes. “You do not need to know much “Because UEFI is badly written software. I call this the Lord of the Rings attack Others call it the SMM attack. SMM is controlling everything “

43

https://www.youtube.com/watch?v=lzZvL1wZ-WM

44

2018 October video of 4 minute Evil Maid SMM UEFI direct attack at DEFCON 26 in Las Vegas using the UEFI update system.

Remote 10 second Demo at 38 minutes in the video. “This is what Hacking Team did with their UEFI implant.” The DEFCON hackers warned ASUS in 2018 and were ignored. https://www.youtube.com/watch?v=CxqNgjMZAbk

45

March 25 2019 Kaspersky exposes Shadow Hammer which has infiltrated the UEFI Update Systems of ASUS and affecting hundreds of thousands of computers. Security vendor Avira said it had observed at least 438,000 ASUS devices on which the initial malware installer was executed. ASUS has sold more than 4 million laptops in the past year that could now be infected. https://securelist.com/operation-shadowhammer/89992/

As with Not Petya, CCleaner and Flame, Shadow hammer is installed using a hacked vendor update. But instead of being an application update (Not Petya and Ccleaner in 2017) or an operating system update (Flame in 2012), Shadow Hammer is delivered using a UEFI BIOS update – making Shadow Hammer much more dangerous than either Not Petya or Flame.

The ASUS live update tool that delivered malware to customers last year is installed at the factory on ASUS laptops and other devices. When users enable it, the tool contacts the ASUS update server periodically to see if any firmware or other software updates are available. The malware reached out to asushotfix.com, a site masquerading as a legitimate ASUS site, to fetch a second-stage backdoor that it downloaded to that system. The command-and-control server that delivered the second-stage backdoor was registered May 3 last year but was shut down in November before Kaspersky discovered the attack.

The attackers used two different ASUS digital certificates to sign their malware. ASUS has still not invalidated the two compromised certificates, which means the attackers or anyone else with access to the unexpired certificate could still sign malicious files with it, and machines would view those files as legitimate ASUS files. Furthermore, according to the reporter who broke the story, ASUS had also tried to have Kaspersky sign a non-disclosure agreement (NDA) in an attempt to keep the incident quiet.

46

The Kaspersky researchers believe the Shadow Hammer attackers were behind the Shadow Pad and CCleaner attacks and obtained access to the ASUS servers through the latter attack. Targeted MAC addresses of the Shadow Hammer attack includes VMWare and Huawei.

April 23 2019 Shadow Hammer New Details
We are dealing with a case of compromised digital signatures. The same two certificates have been used in the past to sign at least 3000 legitimate ASUS files which makes it very hard to revoke these certificates.Therefore, we recommend software vendors introduce another procedure into their software production process that additionally checks their software for potential malware injections even after the code is digitally signed.

https://securelist.com/operation-shadowhammer-a-high-profile-supply-chain-attack/90380/

Kaspersky extracted the history of changes and collected the following information indicating the time and C2C of ongoing operations in 2018:

Jul 31: UDP://103.19.3[.]17:443

  • Aug 13: UDP://103.19.3[.]17:443

  • Oct 08: UDP://103.19.3[.]17:443

  • Oct 09: UDP://103.19.3[.]17:443

  • Oct 22: UDP://117.16.142[.]9:443

  • Nov 20: HTTPS://23.236.77[.]177:443

  • Nov 21: UDP://117.16.142[.]9:443

  • Nov 22: UDP://117.16.142[.]9:443

  • Nov 23: UDP://117.16.142[.]9:443

  • Nov 27: UDP://117.16.142[.]9:443

  • Nov 27: HTTPS://103.19.3[.]44:443

  • Nov 27: TCP://103.19.3[.]44:443

  • Nov 27: UDP://103.19.3[.]44:1194

  • Nov 27: HTTPS://23.236.77[.]175:443

  • Nov 29: HTTPS://23.236.77[.]175:443

  • Nov 29: UDP://103.19.3[.]43:443

  • Nov 30: HTTPS://23.236.77[.]177:443

The most recent Command and Control server for Shadow Hammer as of December 2018 has the IP addresses 23.236.77[.]175 and 23.236.77[.]177. Kaspersky notes that the IP address range 23.236.64.0-23.236.79.255 belongs to the Chinese hosting company Aoyouhost LLC,incorporated in Los Angeles, CA. The registration of this LLC was October 2013. Their address is 530 West 6th Street ste.601, Los Angeles, CA 90014

While they have offices in Hong Kong, they have servers in the US. They have a lot of servers. This is their web page: aoyouhost.com

47

This is a very nicely coded bootstrap website. But why would a Chinese server company use images of Americans to recommend their product?

48

The website claimed that the hosting company started in 2010 - but the Wayback Machine indicates that their website did not go online until February 2013. Even stranger, in February 2013, the website looked almost exactly the way it looks today. No real change in over 6 years.

While most web hosts have as many as 1000 websites on a single server, auyouhost.com hosts only 85 websites all on US servers.

Only one site is in the top 100,000. It is slieny.com which is a Chinese gaming website. According to the Wayback Machine, this website was first active in June 2009. The site lists a copyright of 2004 to 2008. It has a member log in feature. The content has really grown over the years.

49

Other sites hosted on this server appear to be much more unusual. For example, Boiler-tubes.com is not really a website at all. Instead, the very unusual source code for this one page website is written in PHP and appears to be some sort of Database request.

What about the other domain name used in the ShadowHammer attack: Asushotfix.com
The malware is downloaded using one of the following image files: https://asushotfix[.]com/logo.jpg (or https://asushotfix[.]com/logo2.jpg in newer samples).

Here is the result of placing this URL in a web browser:
https://asushotfix.com/logo2.jpg

50

According to the Wayback Machine, this web page or this image has never been posted on the Internet. The domain name was not found by icann.org but was found via whois.net

Domain Name: ASUSHOTFIX.COM
Updated Date: 2018-11-13T15:44:47Z
Creation Date: 2018-05-03T10:26:36Z
Registry Expiry Date: 2019-05-03T10:26:36Z
Name Server: NS1.DNSOWL.COM
Hosted on DNSowl.com
dnsowl.com is also hosted by dnsowl.com

51

Domain Name: DNSOWL.COM
Updated Date: 2018-07-31T15:56:03Z
Creation Date: 2010-01-11T17:15:45Z
Registry Expiry Date: 2022-01-11T17:15:45Z

It started in 2010 but also did not go online until 2013. It went back offline in 2014. But as you can see above, the domain name was updated and renewed in July 2018 and does not expire until 2022. In 2013, dnsowl.com was a restricted website with the text 401 Authorization. The same in 2014. Then the site went offline.


2020 January Microsoft will end support for Windows 7 and Intel will end support for Legacy BIOS.

 

 

    8. Linux BIOS Options

Currently, if you want to buy a new computer that does not have UEFI, your only options are to buy a Chromebook (which uses Coreboot) and reflash it (see Learn Linux and LibreOffice dot org for more information on this process) – or buy a Purism laptop which also uses Coreboot.

2019 February Purism Announces Pure Boot Coreboot Laptops

https://puri.sm/posts/pureboot-the-high-security-boot-process/

PureBoot starts by loading a free software BIOS, coreboot, so that you can audit your BIOS for security bugs or back doors.

Intel Management Engine Risks: The Intel Management Engine (ME) is a special piece of software from Intel that runs on all modern Intel computers, and is required to initialize the hardware. In some computers, the ME includes Advanced Management Technology (AMT) software, allowing IT to remotely access a computer over the network, see what’s on the screen and control the hardware.

Many security experts are very worried about the ME’s complete and fundamental access to your computer’s hardware, because its source code is proprietary and therefore it can’t be audited for security bugs, or for back doors that might be planted by the vendor or by a sophisticated adversary.

Pure Boot protects against ME vulnerabilities in a number of ways. We start by choosing an ME chip that does not contain AMT features to begin with, and then we disable the ME by setting the “disable” bit within the ME.

Positive Technologies has found a number of security vulnerabilities in the Intel Management Engine over the years. Since we don’t really want to rely on trusting the ME to disable itself, we also neutralize the ME by erasing most of the code within it, leaving only a minimal set of modules, essentially for initializing the hardware. Additionally, we also protect the system – from attacks that might modify the ME code itself — with our TPM chip, and with Heads tamper-evident boot software. You can read more specifics about our process here and here.

Linux Boot AKA NERF– Our Best Hope for a Secure Linux BIOS on ALL computers

What about those who do not have a Purism laptop. We need a BIOS that will work on any laptop… Ron Minnich and others at Google are working on Linux Boot - a secure BIOS that uses the core of the Linux operating system as firmware. https://www.linuxboot.org/

October 27 2017 38 minute video by a Google engineer Ron Minnich about how we can replace UEFI with Linux Boot:

 

52

 

https://www.youtube.com/watch?v=iffTJ1vPCSo1

Replace Your Exploit-Ridden Firmware with Linux - With the WikiLeaks release of the Vault 7 material, the security of the UEFI (Unified Extensible Firmware Interface) firmware used in most PCs and laptops is once again a concern. UEFI is a proprietary and closed-source operating system, with a codebase almost as large as the Linux kernel, that runs when the system is powered on and continues to run after your computer boots the Operating System. UEFI is therefore a great place to hide exploits, since it never stops running, and these exploits are undetectable by kernels and programs. Our answer to UEFI is NERF (Non-Extensible Reduced Firmware), an open source software system developed at Google to replace almost all of UEFI firmware with a tiny Linux kernel combined with the u-root project (http://u-root.tk/), which are written in the Go language. Ron Minnich invented LinuxBIOS (now called coreboot) in 1999.

The problem, Minnich said, is that Linux has lost its control of the hardware. Back in the 1990s, when many of us started working with Linux, it controlled everything in the x86 platform. But today there are at least two and a half kernels between Linux and the hardware. Those kernels are proprietary and, not surprisingly, exploit friendly. Worse yet, exploits can be written into the flash of the system so that they persist and are difficult or impossible to remove—shredding the motherboard is likely the only way out.

In 2018, Linux, Facebook (Open Computing Foundation), ARM, Intel, OpenSUSE, Secunet, Horizon Computing, Two Sigma,, 9 elements Cyber Security and Siemens joined Google in supporting the Linux Boot project. At the same time, Purism developed their own version of Coreboot for their Purism Linux computers.

53

The project is called "non-extensible reduced firmware" (NERF), partly because the team believes the "extensible" in UEFI is harmful.
https://trmm.net/NERF

The LinuxBoot project (formerly NERF) is a collaboration between Google, Facebook, Horizon Computing Solutions, and Two Sigma that aims to build an open, customizable, and slightly more secure firmware for server machines based on Linux. It supports different runtimes, like the Heads firmware or Google's NERF.

Unlike coreboot, LinuxBoot doesn't attempt to replace the chipset initialization code with opensource. Instead it retains the vendor PEI (Pre-EFI environment) code as well as the signed ACM (authenticated code modules) that Intel provides for establishing the TXT (trusted execution environment). The LinuxBoot firmware replaces the DXE (Driver Execution Environment) portion of UEFI with a few open source wrappers, the Linux Kernel and a flexible initrd based runtime.

For more information about LinuxBoot, you can read my LinuxBoot talk at 34C3 or go to https://linuxboot.org/

54

Unfortunately, as of now, the System Management Mode (SMM) cannot be easily removed or replaced and has been included into Coreboot, as it is needed by laptops. However, there are attempts to move it into the kernel.

2017 Ron Minnich Youtube video and slides

https://www.youtube.com/watch?v=6GEaw4msq6g

This is a PDF of the slides in the above presentation. https://ecc2017.coreboot.org/uploads/talk/presentation/31/SMM_in_Linux_european_coreboot_conference_2017.pdf

55

This project was an initiative by Ron Minnich, author of LinuxBIOS and lead of  at Google, in January 2017.

October 2, 2018 37 minute Video on Linux Boot by Ryan Oleary

https://www.youtube.com/watch?v=ZjAu0VYRTno&list=PLJ4u8GLmFVmoRCX_gFXV6fhWmsOQ5cmuj&index=3

56

LinuxBoot replaces most of the firmware image with a Linux kernel and a tailored initramfs. We started the LinuxBoot project in Jan 2017 at Google. In March 2017, we opened the project to the world. Since that time, Facebook, Horizon Computing, Two Sigma, and others have joined the project. It has also become a project at the Linux Foundation as well as becoming a core part of the Open System Firmware project at the Open Compute Foundation. The project is moving very quickly, with sales of zero LinuxBoot systems in 2017, and several tens of thousands in 2018.

We expect the project to continue to grow. In this talk, we will provide an update on LinuxBoot, how we integrated it into UEFI and coreboot, and describe the different efforts using it and how you can get involved.

LinuxBoot is an Open Source alternative to Proprietary UEFI firmware. It was released last year and is now being increasingly preferred by leading hardware manufacturers as default firmware. Last year, LinuxBoot was warmly welcomed into the Open Source family by The Linux Foundation.

This project was an initiative by Ron Minnich, author of LinuxBIOS and lead of  at Google, in January 2017. Google, Facebook, Horizon Computing Solutions, and Two Sigma collaborated together to develop the LinuxBoot project (formerly called NERF) for server machines based on Linux.

Its openness allows Server users to easily customize their own boot scripts, fix issues, build their own runtimes and reflash their firmware with their own keys. They do not need to wait for vendor updates.

57

As Purism recently discovered, laptop makers can choose to have their hardware boot without looking for a digital firmware signature at all. The fusing of the processors can be set by the motherboard manufacturer to simply bypass the check. Purism's crowdfunded Librem 15 laptop will ship with a modern Intel CPU fused to run unsigned BIOS code.

The LinuxBoot project (formerly NERF) is a collaboration between Google, Facebook, Horizon Computing Solutions, and Two Sigma that aims to build an open, customizable, and slightly more secure firmware for server machines based on Linux. It supports different runtimes, like the Heads firmware or Google's NERF.

58

https://github.com/linuxboot

Replace your Chromebook BIOS with SeaBIOS

Since 2012, Chromebooks use Coreboot. Chromebooks use a crippled version of Linux called Chrome OS. But most Chromebooks can be reflashed with a free tool called Flashrom to allow them to boot a full Linux operating system. If you are on a limited budget, either reflash a Chromebook with Coreboot (and reflash it into a full Linux Operating system) or buy one of the new $199 ARM Pinebooks. For more information on how to reflash a chromebook, visit this web page:

https://learnlinuxandlibreoffice.org/3-create-your-own-linux-computer

59

    

9. Recent Intel Myths

As resistance has grown to the UEFI monopoly, Intel has launched a sort of public relations (propaganda) campaign in an effort to convince us that the UEFI monopoly is somehow good for us. Here are some of the more recent Intel myths about UEFI:

#1 UEFI is not really a Microsoft or Intel monopoly. Instead UEFI is a friendly sort of non-profit “forum” allowing a bunch of Independent BIOS vendors to work together to standardize the BIOS. The fact that they all got together at the exact time in 2007 when the NSA was forming their PRISM partnerships is a mere coincidence. And of course, the increase in the file size by a factor of ten during the same year is also a mere coincidence. Standardization does not make our lives better. It simply makes it easier for the NSA to hack all of our computers. The idea that UEFI is merely a high tech community project borders on the absurd.

#2 Tianocore is the open source version of UEFI. This is also deeply deceptive. In fact, Tianocore is a version of UEFI which can be added to Coreboot but a lot of the code in Tianocore is not open source and will likely never been open source. Like UEFI, TianoCore is loaded with holes. The latest attack was disclosed on March 14, 2019. https://support.lenovo.com/us/en/solutions/len-22660

#3 Intel would like UEFI to be open source – and release the entire code to public inspection – but their independent BIOS vendor partners won’t let them. Actually, if Intel was really supportive of open source, then they should release the source code for the Intel Management Engine.

#4 UEFI is just a “specification.” This is like saying that Linux is just a specification or Windows is just a specification or that the Legacy BIOS was just a specification or the plans to the first nuclear bomb was a specification. When you blow up BIOS to be 10 times bigger than what is was just a year earlier, you owe the public a real explanation for what is in the 90% of the millions of lines of code that had not been needed the year before. Claiming that UEFI is a specification is a misuse of the English language.

#5 UEFI has to be big because modern computers have a lot of firmware. While modern computers do have a lot of firmware, there was no increase in the amount and type of firmware between 2006 to 2008 when the code for UEFI exploded. The prior BIOS worked well with a small file size. Coreboot also works well for a small file size. So the claim that UEFI has to have 500 models with 100 connected to SMM is ridiculous.

#6 The ability to do Automatic Online Firmware Updates is important in case we discover a serious flaw in UEFI. In fact, the Automatic Online Firmware Update backdoor is the serious flaw in UEFI! How UEFI does its automatic updates is by leaving a a few connections open between UEFI and the operating system (called UEFI run time services). These connections are an extremely bad idea because they allows hackers to move back and forth between UEFI and the operating system. Once hackers have access to either, they have access to both. Because the hardware does not change once the computer is made, there is no need for remote updates and remote updates can and should be avoided.

#7 UEFI has a lot of cool features. The problem with this claim is that we do not want or need the firmware initializer to have cool features. We simply want it to do what legacy BIOS did. Check the hardware and turn the system over to the boot loader. Anything else just creates a larger attack surface for hackers.

#8 We have to end support for Legacy BIOS because it is “old code” that is not as secure as the new UEFI code. In fact, just the opposite is true. The old code is a much smaller attack surface with no backdoor connection to the operating system. It is therefore much more secure than the new UEFI code.

 

 

10. Conclusion… How do we get a secure Linux BIOS?

We as a community need to develop and recognize some basic principles that will help us all recognize the difference between computer security and insecurity. Let’s look at what our current computer insecurity looks like and use it to help us clarify some “security rules”:

What Deliberate Computer Insecure Looks Like
“Security holes (many intentional) the size of the Grand Canyon! Visit the wrong web site and your hard drive is re-formatted and your operating system is compromised.”

1 Code Encryption instead of open source code means that the code can not be independently inspected – easier to hide back doors and malware.

Security Rule 1: Safety requires the transparency of open source code. No transparency leads to hidden back doors and means no safety.

2. Monopolies such as Microsoft, Intel and UEFI mean lack of choice and single points of failure.

Rule 2: Safety comes from diversity. There is a benefit to having 100 different Linux operating systems because it makes it harder to attack.

3. Remote Controlled versus User Controlled Changes. Top Down Remote Controlled changes are automatic back doors for hackers. Using top down keys digital certificates (aka keys) driven by monopolies to mandate remote controlled changes to the software – changes that are not under the users control.

Rule 3: Safety requires bottom up user control. Top down control means no safety means single points of failure. Top down certificates do not work. If certificates are used, they need to be generated and controlled from the bottom up by local users. Avoid Centralization. Avoid Top Down.

4. Placement of the web browser inside of the operating system leads to an automatic and obvious back door for hackers. Windows is the only OS that does this and it was done over the strong objections of many Windows programmers. There should be no web browsers in the Processing Unit or the BIOS.

Rule 4: Security requires that applications should not be able to “call home” without the users permission. There should not be call home functions in processors (no Intel Management Engine) or in BIOS firmware (no UEFI automatic updates).

5. Large and complex code structures that increase the file size for no apparent reason and thus increase the attack surface.

Microsoft merged web browser Internet Explorer inside the core of the Windows operating system over the objections of their own programmers. UEFI also presents a massive attack surface.

Rule 5: Safety comes from simplicity. There should be a reason for every line of code. There should not be hundreds of hidden modules inside of UEFI or the Intel Management Engine or anything else. If a system becomes infected, the system should be simple enough for the user to easily replace everything on the system and start over.

What we really would like is to be able to elimination of all Closed Source Systems including UEFI, SMM, Intel ME (Management Engine) via the terminal with the following command:

    sudo apt purge UEFI SMM Intel ME

60

Then enter your password and you no longer have to worry about the NSA taking over or killing your computer. The above code does not yet work in the terminal. But our goal is that someday it will work.

61

It is encouraging that all of these open source BIOS projects are going on. But the fact is that over 90% of all computers are still using UEFI. We need a secure Linux BIOS for all Linux users.

62

We will therefore end with this question… What do we have to do to get a secure Linux BIOS for all Linux users? Your ideas and input are wanted.