Posted on September 14, 2018 at 12:45 PM
Most Macs and PC released in recent times come with a security flaw which experts have warned that it is capable of exposing users’ encrypted data. This flaw according to F-Secure researchers is in the firmware of these devices. The cybersecurity gurus have opined that unless this is promptly handled, it can make hackers have an easy day with users’ data.
Nature of the Flaw
Cybersecurity experts at F-Secure have revealed a vulnerability in the security architecture of most PCs and Macs released nowadays. They warn that personal and encrypted data belonging to users can be compromised by hackers due to a major fault in the firmware of their computing devices.
A good example of this was an authorized access which hackers were able to gain using a cold boot approach of 2008. With that approach, hackers were able to restart computers without having to go through the usual shutdown regime.
This is possible as they had access to the computer’s data just a few minutes after the loss of power. This, they did by accessing the RAM. Modern computers, therefore, came up with a plan to counteract this model of attack. The idea is to overwrite the RAM when power is lost so that hackers would not have access to personal data.
But then, hackers have been able to find out ways in which this overwriting process can be disabled. As such, what was initially thought to have been dealt with is appearing to be resurfacing. F-Secure researchers when updating the public in their blog post said:
The attack exploits the fact that the firmware settings governing the behavior of the boot process are not protected against manipulation by a physical attacker. (As such,) using a simple hardware tool, an attacker can rewrite the non-volatile memory chip that contains these settings, disable memory overwriting, and enable booting from external devices. The cold boot attack can be carried out by booting a special program off a USB stick.
Granted, this vulnerability is something very serious. However, it may not be that serious given that for the attack to take place, hackers would have to be physically present. So, if your device can be physically kept safe from hackers, you may not stand the risks that experts are warning about here.
We are Powerless to Address Vulnerability, Microsoft and others reply
Expectedly, F-Secure researchers called the attention of the likes of Apple, Microsoft, and Intel to this vulnerability. However, they all seem to not have a likely solution in view given that devices would have to physically be in hackers’ hands for them to carry out the infraction. But it has to be stated that the latest Mac systems are not susceptible to this attack. The reason is that it came with a unique T2 chip.
According to Microsoft, if the pre-booting process can be protected with a PIN or password that can go a long way in checkmating the flaw. However, users running Windows 10 Home don’t have the BitLocker with which they can set this pre-boot PIN.