From: dfeustel@mindspring.com
To: perryh@pluto.rain.com
Cc: cpghost@cordula.ws, freebsd-questions@freebsd.org, jeffrey@goldmark.org, dfeustel@mindspring.com
Date: Thu, 12 Jun 2008 10:41:56 +0000 (UTC)
Subject: Re: FreeBSD and User Security
In-Reply-To: <4850d834.VvRLmDrvgD3J8RVH%perryh@pluto.rain.com>
Message-Id: <20080612104157.51D828FC16@mx1.freebsd.org>

On Thu, Jun 12, 2008 at 01:03:00AM -0700, perryh@pluto.rain.com wrote:
> > How do you know that the bios has not been reflashed by a virus,
> > trojan, or rootkit?
>
> For that matter, how do you know that the *original* bios was free
> of "interesting non-essentials"?  It's been a few years since bios
> were delivered in socketed ROMs/EPROMs (readable by a standalone
> device, independently of their own operation) or since sources were
> typically published :)

Check out http://www.gensw.com and the book _BIOS Disassembly Ninjutsu Uncovered_.