On Wed, Jan 22, 2014 at 07:38:17AM -0800, coderman wrote:
consider the following,
- BIOS attack with post-boot re-infection vector triggered once graphics mode transitions from console to graphical display:
  + target hardware is a match and supported, however, root file system is XFS, ZFS, or other unsupported *nix variant. attempt to persist by injection on file system using kernel fs funcs and data structures (this gets around FDE by interacting before luks/mdcrypt/loopaes/cryptoloop layer) thus causes kernel panic. anomaly #0.
Is there any way to save any evidence of this kind of attack, to use to help fix the vulnerability? ... and to provide to the EFF, ACLU, or other interested parties that may want to litigate? Any info, links, etc. appreciated.