On Mon, Sep 25, 2017 at 10:44 AM, Georgi Guninski <[1]guninski@guninski.com> wrote:

> On Tue, Sep 19, 2017 at 01:57:33PM -0400, Travis Biehn wrote:
> > Yes - in addition, since some attackers have been shown to compromise not
> > only UEFI firmware, but also blobs in peripheral devices, a re-flashing of
> > those components from HW land. In many cases, this type of recovery is
> > 'impossible'.
> >
> > Practically, individuals will take a stab at guessing attacker capability
> > between zero sophisticated persistence and h/w re-install survivability
> > and act accordingly. It is difficult to get that right, if not impossible.
>
> Thanks.
>
> I suppose it is a safe guess that a non-negligible part of the world is
> persistently owned?

Hey Georgi,

On prevalence I won't speculate - but my number would be pretty low. You
don't burn your fancy hardware persistence on just any target.

In somewhat-related news, the cat and mouse game is getting a bit more
interesting with Apple High Sierra's eficheck. While I don't expect it to
remain effective long, it promises to find some 'interesting' old samples.

-Travis

--
[2]Twitter | [3]LinkedIn | [4]GitHub | [5]TravisBiehn.com | [6]Google Plus

References

1. mailto:guninski@guninski.com
2. https://twitter.com/tbiehn
3. http://www.linkedin.com/in/travisbiehn
4. http://github.com/tbiehn
5. http://www.travisbiehn.com/
6. https://plus.google.com/+TravisBiehn