An in-depth assessment of the fight against a new computer virus in ArsTechnica raises the spectre of uncontrollable replication via speaker and microphone. Dan Goodin lays the groundwork:
Three years ago, security consultant Dragos Ruiu was in his lab when he noticed something highly unusual: his MacBook Air, on which he had just installed a fresh copy of OS X, spontaneously updated the firmware that helps it boot. Stranger still, when Ruiu then tried to boot the machine off a CD ROM, it refused. He also found that the machine could delete data and undo configuration changes with no prompting. He didn’t know it then, but that odd firmware update would become a high-stakes malware mystery that would consume most of his waking hours.
Since then Ruiu says that the infections have persisted, “almost like a strain of bacteria that’s able to survive extreme antibiotic therapies.” Within hours or weeks of decontaminating a computer, the infection would return: “The most visible sign of contamination is a machine’s inability to boot off a CD, but other, more subtle behaviors can be observed when using tools such as Process Monitor, which is designed for troubleshooting and forensic investigations.”
But there is another sinister characteristic. In addition to jumping “airgaps” designed to isolate infected or sensitive machines, the malware seems to have self-healing capabilities. Ruiu suggests that the malware, dubbed “badBIOS” has the ability to use high-frequency transmissions passed between computer speakers and microphones to bridge airgaps.
Read Dan Goodin’s fascinating article here at ArsTechnica.