Page 1 of 1

(PGP)Encryption and BIOS or Firmware attacks

Posted: 01 Feb 2016, 15:40
by viking60
We have security distros like Tails that use the Tor system and comes with DNScrypt and DNSMasq set up. And the Encryption part is in place too.
The PGP encryption cannot withstand a BIOS or Firmware attack.

Since Major companies deliver the firmware and can be instructed by governments; it is highly questionable if there is such thing as privacy on the internet.

The encryption keys in Tails are easily revealed if you can access the firmware - and you can! This is not limited to Intel, Microsoft or other Silicon Valley big shots.

Have a look here :

This requires some hardware setup and physical access so you can just close the door. The parties responsible for updating your Bios do not need physical access so if the Government should decide that every computer should have a backdoor for them - for any given reason - then they will get it.

At least the governments that control the Companies in question.

Since former NSA leaders have claimed that the NSA should no more require backdoors: this could mean two things:

1 They are concerned about the future of safe computing and privacy.
2. They already have systems in place to avoid all encryption.

The likelihood that the latter is in place in most Computer hardware is an absolute possibility; already when you buy the computer. And the remote flashing of your Bios is no big problem if you should have an old system.

So is there such a thing as a secure Internet? Do we simply need to realize that the Internet is not safe by "nature".

Is the illusion of the safe internet simply a marketing campaign to enable our elected Peeping Toms or a necessity to fight terror?

Digital rights - is that only a thing to make profit for corporations?

Have you ever experienced that your Bios is behaving strangely after a reboot?

I have:

Years ago I bought this fairly decent computer that now only runs on Linux. This computer came with a small Bios program that lets you send mail and surf the internet super fast - before the standard OS is Loaded.

I had to deactivate this to make Linux boot correctly and suddenly the other day I booted and the computer jumped into that program again... :confused
This should only be possible by altering the Bios settings.

Now this could be caused by a regular update or...something else (It has been deactivated for years).

Given the events in the latter years: How unlikely is it that it was something else?

What really bothers me about this is that I have no way of finding out :berserk2