From owner-freebsd-security  Thu Nov 15 11:25:17 2001
Delivered-To: freebsd-security@freebsd.org
Received: from oxmail.ox.ac.uk (oxmail1.ox.ac.uk [129.67.1.2])
	by hub.freebsd.org (Postfix) with ESMTP id 56B1137B405
	for <freebsd-security@freebsd.org>; Thu, 15 Nov 2001 11:25:15 -0800 (PST)
Received: from heraldgate2.oucs.ox.ac.uk
	([163.1.2.50] helo=frontend2.herald.ox.ac.uk ident=exim)
	by oxmail.ox.ac.uk with esmtp (Exim 3.33 #3)
	id 164S7y-0002DT-01; Thu, 15 Nov 2001 19:24:46 +0000
Received: from dhcp85.wadham.ox.ac.uk ([163.1.164.212] helo=piii600.wadham.ox.ac.uk)
	by frontend2.herald.ox.ac.uk with esmtp (Exim 3.32 #1)
	id 164S87-0004R7-00; Thu, 15 Nov 2001 19:24:55 +0000
Reply-To: cperciva@sfu.ca
Message-Id: <5.0.2.1.1.20011115191853.0e8c8598@popserver.sfu.ca>
X-Sender: cperciva@popserver.sfu.ca
X-Mailer: QUALCOMM Windows Eudora Version 5.0.2
Date: Thu, 15 Nov 2001 19:24:53 +0000
To: veedee@c7.campus.utcluj.ro, cperciva@sfu.ca
From: Colin Percival <colin.percival@wadham.ox.ac.uk>
Subject: Re: Spoofing file information?
Cc: Tobias Roth <roth@iamexwi.unibe.ch>,
	Stefan Probst <stefan.probst@opticom.v-nam.net>,
	freebsd-security@FreeBSD.ORG
In-Reply-To: <20011115121351.A24535@c7.campus.utcluj.ro>
References: <5.0.2.1.1.20011115083248.0e8cd548@popserver.sfu.ca>
 <5.1.0.14.2.20011115143223.04264050@MailServer>
 <5.1.0.14.2.20011115143223.04264050@MailServer>
 <20011115092433.A9120@roy.unibe.ch>
 <5.0.2.1.1.20011115083248.0e8cd548@popserver.sfu.ca>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

At 12:13 15/11/2001 +0200, veedee@c7.campus.utcluj.ro wrote:
>   I'm just taking a wild guess here, but aren't some of you guys getting a
>little bit paranoid? Next thing you're gonna advise Stefan is that someone
>flashed some EEPROMs from his hardware that contain some code that activates
>when blahblah, or simply say "just change the whole fucking thing (eg
>server)".

   If he was operating with a writeable EEPROM BIOS, I would indeed be 
concerned (I note that there are also viruses which zero writeable EEPROMs, 
making system recovery rather more difficult).  Fortunately most 
motherboards have jumpers which must be moved before the EEPROM can be 
written to; I therefore would assume that his EEPROM is most likely safe.

Colin Percival



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message