<i>35C3 preroll music</i>

Herald angel: OK so our next talk is given
by Frederic Vachon, so please give him a

warm round of applause.
<i>Applause</i>

Vachon: Okay so hello everyone. Thank you
for having me today. I'm really happy to

be to be here. So today I'm going to talk
about a research that a colleague of mine,

Jean-Ian Boutin and I did earlier this
year and which led us to the discovery of

a UEFI rootkit. So very quickly. My name
is Frederic Vachon, I'm a malware

researcher at ESET and I've been working
there for the last two years and for the

last year or so I've been really focusing
on boot level threats and UEFI firmware

reverse engineering. So let's look at the
agenda for this talk. So the first thing I

want to talk about is what is Sednit very
quickly. Then I'll talk about LoJack,

which is an anti-theft software and past
research related to this software and the

reason for that is that the UEFI rootkit
that I'll talk about really mimics the

architecture of this legitimate software.
Then we'll move on and I'll talk a little

bit about compromised LoJack agents that
were found in the wild, and finally I'll

jump into the UEFI rootkit, well, where
I'll talk about the tools around the

rootkit and the UEFI rootkit itself. So,
Sednit. Sednit is an espionage group

active since the early 2000s and it is
also known as Fancy Bear, APT28 and

STRONTIUM, so maybe you know this group by
one of these alternative names. And Sednit

is the name basically that we use at ESET.
So this group was very visible in the past

few years as being allegedly behind some
pretty mysterious hacks like the hack

against the Democratic National Committee,
the DNC, where some emails were leaked

online. The hack against the World Anti-
Doping Agency as well as the hack against

the French broadcasting network TV5 Monde.
But at ESET when we're talking about

Sednit, we're really talking about the
tools and the different campaigns that

were led using these tools, and we're not
talking about the people who are operating

this malware because we don't have the
information necessary to draw such

conclusions. However, in July 2018 the
U.S. Department of Justice named the group

as being responsible for the Democratic
National Committee hack in this specific

indictment. And what's interesting is that
the tools that we analyzed were... are

named in this specific indictment and they
also mention who's the authors of these

malware. And also early, not earlier, but
closer from from now, in October 2018, the

Department of Justice issued another
indictment naming pretty much the same

people are related to the World Anti-
Doping Agency hack. And the way that

Sednit will usually infect their targets
is by sending phishing emails, so

sometimes they will contain malicious
links and some of the time malicious

attachments. OK. So now let's talk a
little bit about LoJack. So Lojack is an

anti-theft software as I mentioned, and it
was previously known as Computrace. So

maybe you know the solution by this name
instead. And it is made by Absolute

Software. So, yeah, and this solution is
built in many laptops. But an anti-theft

software needs to be as persistent as
possible if you want it to be reliable. It

needs to be... to survive an operating
system re-install or a hard disk

replacement. So to achieve this what
Absolute Software did is that they added a

module in the UEFI BIOS itself. Yeah and
the solution needs to be activated in the

BIOS setup. So with a persistence
mechanism like that coming from the

firmware, it's really attracted the
attention of security researchers, who

looked into this to find vulnerabilities
basically. And at BlackHat in 2009 there

was a talk there where the architecture of
the solution was described and several

design vulnerabilities in the agent were
also described there. So let's look at the

architecture of LoJack back then. So the
first thing that we have here is a module

in the UEFI BIOS, and this module will
write a file to the Windows partition. So

this file is called autochk.exe, which
replaces the legitimate autochk.exe, whose

job is to perform filesystem integrity
check during early Windows boot. So by

replacing this agent during early Windows
boot it will be executed. And from there

it will drop rpcnetp.exe, which is the
small agent, and will install a service

and when Windows will run it will run this
service, and rpcnetp will be launched at

this point. And it will inject itself into
svchost , and then from there it will

inject itself into Internet Explorer which
is pretty interesting because it's very

shady and that's something that we see
pretty much all the time in malware but

not often in legitimate software. And from
Internet Explorer it will then communicate

with the command and control server and it
will download the full recovery agent. So

now let's look at some of the issues that
the researchers found with this... in this

solution. So one of the vulnerabilities
they found is very interesting for us and

in fact that's really the only one that
matters for this talk. And this is a

configuration file vulnerability. So the
configuration is embedded into rpcnetp.exe

and it is encrypted but it is encrypted
with a very weak algorithm. So it is in

single byte XOR key, and it is not
authenticated whatsoever. And what's in

this configuration file? Well, that's
where you can find the server, the command

and control server. So an attacker can
just change this configuration to point to

its own attacker-controlled server. So we
knew that this vulnerability existed for a

while, it was back in 2009, but we had no
evidence of it being used in the wild.

Until earlier this year, when Arbor
Networks published a blog post where they

described some modified small agent with
modified configuration where the domains

that were embedded in this configuration
were linked to old Sednit domains. So

let's go back to LoJack architecture and
look at where this attack took place. So

it took place at this level here. So from
there we did some detection for this

malware and it was... and we hunted to
gather as much samples as as we could. And

it was fairly simple because they always
modified the same exact version of the

agent and they modified, so that's what we
can see here, so they modified the command

and control server. And here we see the
encrypted version of course. So by looking

at this we will look at ESET's telemetry
and found out that there was a few

organizations that were hit mostly in the
Balkans, in Central Europe as well as in

Eastern Europe. These were military and
diplomatic organizations. And what's

interesting is that we also found other
Sednit tools in the same organization. So

at this point we wondered how this malware
got there, but since there was other

backdoors of Sednit in the organization we
thought it might be the infection vector,

but by digging a little bit deeper we
found another interesting component. And

if we go back to the LoJack architecture,
the component that we found is at this

step here. So at this step in the LoJack
architecture it's autochk.exe that lives

there. But what we found is another file
called autoche.exe instead of autochk. And

it does pretty much the same thing. So it
also installs a service and it also drops

rpcnetp.exe. But it is the rpcnetp version
that has a modified server in it. So

Sednit domain basically. And we continue
to look at what we can find in this

organization and we found another tool
which is called info_efi.exe, and that

allows to drop... to dump a lot of
information about very low level settings

of the machine. And this tool uses Read
Write Everything's driver. And

Read Write Everything is a software that allows you
to manipulate very low level setting of

your machine. So using this tool you can
read and write to PCI configuration

register, to memory-mapped IOs, to IO port
space and you can also access physical

memory and this tool uses a kernel driver
of course - if you want to do those things

you need a kernel driver. And this kernel
driver is properly signed so that you can

push it on even a recent version of
Windows. And so yeah, that's the driver

that was used by info_efi here. And by
Googling a little bit around what we found

out is that this specific driver was used
in the past by security researchers to

exploit vulnerabilities at the firmware
level. So, yeah, the last thing that was

missing here to mimic the whole LoJack
solution was a UEFI BIOS module. So at

this point we wondered, did they get
there. So, because of the tool dumping

information about the BIOS that I just
spoke about, we were pretty confident that

something more was happening there. And by
digging a little bit deeper, we found

other tools that strengthen our
suspicions. So the first tool is called

ReWriter_read. And it is a tool used to
dump the content of the SPI flash memory,

and it also uses Read Write Everything's driver and
it uses these specific IO control codes.

So it allows it to read and write to
memory-mapped IO space as well as read and

write to PCI configuration registers.
What's interesting for us as reverse

engineer is that this tool contains a lot
of debug strings which really made our job

easier. And it consists of the following
operations. So the first thing it will do

is that it will log information on the
BIOS_CNTL register and we'll talk a lot of

detail about this register just a little bit later
in this talk. Then it locates the BIOS

region base address. And finally it reads
the UEFI firmware content and dump it to a

file. So another tool that we found is
really complementary to the tool to

ReWriter_read and it is called
ReWriter_binary. So it also contains a lot

of debug strings. It also uses
RWEverything's driver. And now the UEFI

firmware is dumped into memory, the next
step is to add the rootkit to the firmware

and to write it back to the SPI flash
memory and that's exactly what this tool

does. Okay. So now let's talk about the
patching of the UEFI firmware. But before

we dig into the subjects there are a
couple things that I wanted to introduce

here just to make sure that we're on the
same page. So the first thing I want to

talk about is UEFI and UEFI stands for
Unified Extensible Firmware Interface and

it is a standardized specification that
defines the interface that exists between

the operating system and the firmware. And
it's kind of a replacement for the legacy

BIOS. So, a UEFI compliant firmware will
provide a set of services to UEFI

applications and here read the operating
system loader. There are other UEFI

applications, but usually it's the
operating system loader that runs. So the

first set of services is called the boot
services and these are services that are

available during the firmware lifetime but
once the operating system is loaded, these

services are not available anymore and
there are the runtime services that are

also available during firmware lifetime.
But once the operating system is loaded

they are still available, so that a kernel
driver for instance can make call in these

services. An example of these services
allows the operating system to read and

write to UEFI variables. And what's
interesting with UEFI is that there is no

more master boot record and volume boot
record involved in the boot process

meaning that there is no easy way to
hijack the early boot control flow. So the

second thing I want to introduce here are
the driver execution environment drivers -

so the DXE drivers. So DXE drivers are
PE/COFF images meaning that they are

basically Windows executables, and they
are kind of the core of UEFI firmware so

that they can do many things, some of them
will be used to abstract the hardware.

Some of them will be used to produce the
UEFI standard interface, so the boot

services and the runtime services, and
they can also be used by firmware vendors

or OEMs to extend the firmware by
registering new services - the so-called

protocols in the UEFI specification. And,
the DXE drivers are loaded during the DXE

phase of the platform initialization and
they are loaded by the DXE dispatcher that

will also be referred to as the DXE Core.
The last thing that I'm going to do: I

want to introduce for now is the UEFI
firmware layout - so the UEFI firmware

is located in the BIOS region of the SPI
flash memory. And this region will contain

multiple volume. But let's look at it with
a little bit more detail in this tool here

which is UEFI tool, that is an open source
software that allows you to manipulate

UEFI firmware images. So here I loaded the
typical content of SPI flash memory dump

in this tool and let's look at what we
have. So, the first thing that we see here

is the descriptor region, so it contains...
this region contains metadata about how

the remaining data in the SPI flash memory
is laid out. The second region that we

find here is the ME region which contains
the Intel Management Engine firmware. And

finally we have the BIOS region which is
really the main interest... the main thing

that we want to look at today. So the BIOS
region contains multiple volumes. So let's

look at one volume in a little bit more
detail. So here we have a volume of type

firmware filesystem version 2 and this
volume contains multiple files and these

files are identified by GUIDs. So that's
what we can see under the name column

here. And a file doesn't contain directly
the UEFI executable, but it is composed of

multiple sections and one of these section
is the actual UEFI executable, but there

are other section and in this case we see
a DXE dependency section that allows to

define dependencies for this specific UEFI
image and we also see a version section

and a user interface section which allows
to give us a human readable name for this

file instead of the GUID which is very
pretty difficult to remember for humans.

OK, so now that we have all this in mind
let's go back to ReWriter_binary. So what

ReWriter_binary will do is that it will
parse all of the firmware volumes that it

can find looking for 4 specific files. So
it looks for Ip4Dxe, NtfsDxe, SmiFlash,

and the DXE Core. So why does it look for
Ip4Dxe and the DXE Core? Well these files

are looked for to find the firmware volume
where to install the UEFI rootkit. So

usually in UEFI firmwares all of the DXE
drivers all in the same volume, so when

the tool will parse... will find in fact
Ip4Dxe, it will know it is currently

parsing the volume with all of the DXE
drivers in it and it will keep it as a

candidate for the UEFI rootkit
installation. And it looks for the DXE

Core basically for the same reason, but
sometimes the DXE Core is in a different

volume, so when it will find it, it will
keep the volume as another candidate for

the UEFI rootkit installation and the
chosen volume will be the one with enough

free space available in it. Now, NtfsDxe.
So NtfsDxe is the American Megatron Inc.

NTFS driver and if the tool finds it, it
will remove it, and the reason for that is

that the UEFI rootkit embeds its own NTFS
driver, so to avoid any conflict with

another NTFS driver it just removes it.
And now SmiFlash, so, SmiFlash is looked

for... and, you know, the tool will... if
the tool finds it, it will keep some

metadata about it in the structure, but in
the version of the tool that we analyzed

it's not used anywhere. But interestingly,
SmiFlash is a known vulnerable DXE driver.

So what we believe is that Sednit might
have been fiddling in another version of

the tool with some exploit for this driver
in order to be able to bypass write

protection mechanisms to the BIOS region
of the SPI flash memory. So now that it

has found the volume where to install the
rootkit, it will add the rootkit, right.

So the first thing it does, it will create
a firmware file system file header, then

it will append the rootkit file, which is
a compressed section that contains two

other sections, one of one of these is the
actual UEFI rootkit image and the other

one is a user interface section defining
the name for this rootkit which is SecDXE,

as in security DXE. And then it will take
this blob of data and write it at the end

of the firmware volume that was chosen.

So now that the UEFI rootkit is inside the

firmware into memory, the next step is to
write it back to the SPI flash memory. And

once again there's a couple of things that
I want to introduce here. So I want to

talk about BIOS write protection
mechanisms. So the chipset exposes write

protection mechanisms that need to be
properly configured by the firmware. So

there are no such thing as, you know, BIOS
write particular mechanism enabled by

default. It's really the job of the
firmware to do that. And today will only

cover relevant protections to our
research. So only the protection mechanism

that are looked for by 
REWriter_binary. And yeah the protection

we'll talk about are exposed via the BIOS
control register that we've seen a little

bit earlier in this talk. So, if you're a
kernel driver and you want to write to be

BIOS region of the SPI flash memory, what
you need to do first is you need to set

the BIOS Write Enable field of the BIOS
control register to 1 and then you're able

to write to the SPI flash memory. But of
course you don't want any kernel driver to

be able to modify your UEFI firmware and
potentially brick your machine. So there's

a protection mechanism there which is
another field in the BIOS control register

and this field is called BIOS lock enable
and it allows to lock BIOS Writer Enable to

0. And this field is readable in WLO. WLO
means write lock once. And what it means

is that once the firmware has set this bit
there's no other way to set it back to 0

than performing a full platform reset.

But there's a problem here, and it lies in the

fact that BIOS lock enable implementation
is vulnerable. So how it works is that

when BIOS write enable is set to 1, it's
value will actually change in the BIOS

control register for a small amount of
time. And then the platform will issue a

system management interrupt and the SMI
handler will set BIOS write enable back to

0. But, yeah, the firmware must implement
this SMI, otherwise this mechanism is

totally useless. But maybe you've guessed
it. But what happens if we write to the

SPI flash memory before the SMI handler
sets BIOS write enable back to 0? So there

is a race condition vulnerability here.
And there is a paper about it which is

called "speed racer". And to exploit this
what you need to do is, you need one

thread that continuously sets BIOS write
enable to 1, while another thread tries to

write the data to the SPI flash memory.
And according to this paper it works on

multicore processors as well as on single
core processors with hyper-threading

enabled. So Intel came up with a fix for
this issue and was introduced in the

platform controller hub family of Intel
chipsets around 2008. And what they did

is, that they added a field in the BIOS
control register. And this field is called

SMM BIOS write protect disable. And the
name is a little bit misleading, but if

you remove disable, that's actually what
it does. And if this mechanism is

activated, there will be no other way to
write to the SPI, to the BIOS region of

the SPI flash memory, than if you don't
have all of the cores of your processor

running into SMM, meaning that the job of
writing to the SPI flash memory is now only

available to system management mode. And
once again the firmware must set this bit.

Otherwise this mechanism is not activated,
right. Okay so let's go back to

ReWriter_Binary. So of course if I talk
about all of these mechanisms it's because

ReWriter_Binary checks for them. So it
will check if the platform is properly

configured and it implements the exploit
for the race condition that I just spoke

about. So let's look at the writing
process decision tree. So the first thing

that it will look for is if BIOS write
enable is set, and if BIOS write enable is

set there, then there's nothing stopping
it from writing the UEFI image. But if it

is not set, then it will check "Oh, is
BIOS lock enable activated?". And this, if

this mechanism is not activated then it
will just flip BIOS write enable to 1, and

then it will write the UEFI image. But if
it is activated, the last thing it will

check for is "Is SMM BIOS write protect
set?". And if it is not set, then it will

exploit the race condition that we spoke
about. And if it is set, then the tool

will just fail. So the tool only works if
the platform is misconfigured. And we

spoke about SmiFlash, the vulnerable DXE
driver. So yeah, what we think is that by

being able to exploit this vulnerability,
they would have been able to have a tool

that works even when the platform is
properly configured. So it's a very good

example of; I mean if firmware vendors
would have done their job correctly here,

this tool would have failed at flashing
the UEFI firmware, so that's a great

example of how, you know, firmware
security is. So here let's just take a

step back and look at what we have. So
what we have is a software implementation

to flash the firmware remotely post
exploitation, meaning that as an attacker

I can, you know, infect my target the way
I usually do - let's say by sending a

phishing email. And once I have a foothold
in the machine, I can use this tool to

deploy the UEFI rootkit. And one we knew
about in the past was Hacking Team's UEFI

rootkit and it needed physical access to
be deployed. So it's so much more

convenient to be able to do it remotely.
And let's note here that there is no proof

of Hacking Team's rootkit being used in an
actual cyber attack. It has never been

found on a victim's machine or at least if
it had, it hasn't been publicly disclosed.

So what we did at this point is that we
extracted the UEFI rootkit from the tool

and we looked at ESET's UEFI scanner
telemetry to see if we can find something.

Turns out that we found the UEFI rootkit
in the SPI flash memory of a victim's

machine, making it the first publicly
known UEFI rootkit to be used in an actual

cyber attack. Okay.

So now let's look at the UEFI 
rootkit itself. So the UEFI

rootkit is a DXE driver. So it is loaded
by the DXE dispatcher every time that the

machine will boot. Its file name is SecDxe
as we've seen earlier and here's the file

GUID for future reference. So let's look
at the UEFI rootkit workflow. So UEFI

firmware we'll go through multiple phases
when it boots. The first phase is the

security phase, the second one is the pre
EFI initialization phase, and then there

is the driver execution environment phase
and that's where it begins to be

interesting for this rootkit. So that's
where the DXE dispatcher lives. So that's

when all of the DXE drivers will be
loaded. So at some point the UEFI rootkit

will be loaded. And what will happen is
that the rootkit will create an event

attached to EFI GROUP_READY_TO_BOOT. And
it will bind a notify function to this

event. So in the next phase, when the boot
manager will run, at some point it will

signal this event and the notify function
will be called. So, the notify function

does 3 things. The first thing is that it
will install an NTFS driver. Then it will

drop autoche.exe and rpcnetp.exe using
this NTFS driver. And finally it will

patch a value in the Windows Registry. So,
the NTFS driver is needed to get file

based access to Windows partition and
Sednit's operator did not write their own

NTFS driver. What did it is that they use
Hacking Team's NTFS driver from Hacking

Team's leak. And, yeah, so here's the code
responsible for dropping the files. So as

we can see here, it is dropping
rpcnetp.exe and here it is dropping

autoche.exe. And the last step is to patch
the Windows Registry. So how it does that

is that it will open the file backing the
HKLM\SYSTEM Registry hive and it doesn't

have all the logic to parse Windows
Registry structures, so it will only look

for a textual pattern and the textual
pattern it will look for is "autocheck

autochk <i>" and it will change it to
"autocheck autoche </i>" and it happens to be

modifying the BootExecute key. So, the
BootExecute key is the key responsible for

launching autochk.exe during Windows early
boot. So by modifying it to autoche

instead of autochk that's autoche.exe that
will be executed instead of autochk. And,

so here if we go back to the UEFI rootkit
workflow, when the operating system will

run, then it will execute autoche.exe.
Then autoche.exe will drop the small

agent, the rpcnetp.exe, and so on. But
what's interesting here is that it will

revert back the modification in the
Windows Registry from autoche to autochk.

So that as a Windows user, for instance,
if I look in the Windows Registry, I won't

find that anything, any modification
occurred there. So that's a pretty

interesting sealth technique that is
enabled by the fact that the malware is

coming from the firmware. Okay. So, the
last thing that I want to talk about now

is prevention and remediation, so what can
you do to protect yourself against this

kind of attack? And if ever you were... 
you find out that you had a UEFI rootkit in

your machine, what can you do? So,
prevention. So the first thing and the

most important thing, which is also the
most accessible thing, thankfully, is that

you should keep your UEFI firmware up to
date to make sure that if, you know,

security researchers found some issues
with your firmware and they disclosed it

and the firmware vendor fixed them, you
want to make sure that you have the latest

patches available on your machine. Then
the second thing is that you should really

enable Secure Boot. But let's note here
that Secure Boot itself would not

effectively you against this specific
attack. And the reason for that is that

Secure Boot takes the content of the SPI
flash memory as its root of trust, meaning

that what's inside the SPI flash memory is
not subject for validation. So what does

it validates then, right? Well, Secure
Boot will check what's coming from outside

of the SPI flash memory meanings the PCI
option ROMs and probably the most

important thing, the operating system
loader. So it's really a mechanism that

checks that the operating system loader
hasn't been tampered with. So what can we

do then, right? Well, what we need is a
hardware root of trust. So we need to move

the root of trust from the SPI flash
memory to some piece of hardware. So it

must be in a, you know, one time
programmable chip that is programmed

during manufacturing time and that cannot
be written to ever after. An example of

this exists - technology like Intel
BootGuard implements this. And also Apple

T2 security chip has a hardware root of
trust. And then you kind of need to hope

that your firmware configures the security
mechanisms properly and there's not much

you can do about it if your firmware is
up-to-date. But thankfully there are

firmware security assessment tool
available out there and an example of that

is Intel CHIPSEC. So, with Intel CHIPSEC
which is an open source software tool, so

you can just download this tool, put it in
an USB key, boot from it and then this

tool will check for all of the security
mechanism that we spoke about today, it

will check if they are properly configured
and also it checks for a bunch more stuff.

And now also CHIPSEC checks if your
firmware has this LoJax rootkit. So if you

want to know if your firmware properly
configures these security mechanism that's

really the way to go. Now about
remediation. So, this slide is kind of

short. And the reason for that is that if
you find out that you have a UEFI rootkit

in your SPI flash, there's not pretty much
you can do. You really need to re-flash

your UEFI firmware and that's definitely
not something that is easy to do for

anybody. And well, if it's not an option
for you, then you kind of need to get rid

of your motherboard or your laptop and get
a new one basically. So that's how serious

this kind of attack is. Now, conclusion.
So, our research shows that UEFI rootkits

are not only toys for researchers to play
with, but they are real world threats used

in actual cyber attacks. So it might be
something that you want to keep in mind

when you'll be defining your threat model.
Also we won't stress this enough: firmware

must be built with security in mind from
the bottom up, and things are getting

better because there are more and more
security researchers looking into this,

but there's still work to do. And
hopefully, our research help share

knowledge about how to prevent and
mitigate UEFI-based threats. So that is

pretty much it for me today. So thank you
for having me and if ever you're

interested to know more details about this
research, the white paper is available at

welivesecurity.com and you can grab a copy
there. So, thanks.

<i>Applause</i>
Herald: Alright, you know the drill. We

have 5 minutes for Q&amp;A. So please, quick
and short questions. Number 1 please.

Question: (incomprehensible) attacking
other operating systems (incomprehensible)

Answer: In this case, well, that's kind of
the... pretty much the only one we're aware

of, apart from Hacking Team's UEFI
rootkit, and this one only works on

Windows, so we have no; we don't know
about any other that target's Linux or Mac

OS for instance.

Herald: Please refrain from walking in
front of the cameras when you're leaving.

Thank you.
Could we get microphone number

2 please.
Q: Hello, thanks for the talk. On your

slides you mentioned a tool, open source,
for checking out the layout. What was the

name of the tool?
A: It's called UEFI tool. <i>Laughter</i>

Q: Nice.
A: So you can find it on GitHub.

Q: Thanks.
Herald: The internet please.

Q: Thank you. Does the rootkit also work
when the UEFI is in BIOS legacy mode?

A: Uhm... That is a pretty good question.
I think it should, but I am not sure about

it. That's a good question, I'd have to
look into this, to have a... <i>laughing</i> an

answer I'm 100 percent sure about. Sorry
for that.

Herald: Microphone number 3 please. It's
you in the back, are you? No that's 4,

I'm sorry.
Q: OK. So, does the UEFI dropper still

work with BitLocker enabled?

A: I know. Oh yeah. Yeah. We test that.

No, it doesn't work if BitLocker is
enabled, so it doesn't wait for the... for

BitLocker to have decrypted all of the
data. So no, it doesn't work if

BitLocker is enabled.

Herald: Number 1 please.

Q: Would it be possible to work within
full disk encryption. (incomprehensible)

the file system was decrypted and then
installed the dropper.

A: I'm not sure I heard all of the
question, but if it works if there's full

disk encryption? Is it the question right?
Q: Would it be possible to make it work

with full disk encryption?
A: I think it should be because the LoJack

software is a legitimate one, the anti-
theft solution. They are able to make it

work even if BitLocker is enabled or full
disk encryption. So yeah, it should be

possible to do so.

Herald: One more internet question please.

Q: Thank you. What if a rootkit doesn't
fit in the SPI flash. Is filling up the

SPI flash space completely a valid
prevention?

A: No I don't know... we could really call
it a prevention mechanism. But yeah, if

there is not enough free space available
on the firmware volumes the tool will just fail.

Herald: Number two please.

Q: Hi. You said that there is no real
possibility to secure everything, but what

are your daily choices that you use like,
on your personal computer, to be fully

secret?
A: Well... <i>laughing</i> I could say an

alternative platform, but... <i>laughter</i>
but yeah, if you have

a modern Intel CPU and you have

Secure Boot enabled and you have, you
know, all of the latest UEFI firmware

updates, that's kind of the best you can
do to be safe for... against that kind of

attack.
Q: I have... I have my like this...

Herald: Number 1 please.
Q: So, going back to the LoJack

configuration file vulnerability. Is the
configuration file on the operating system

file system?
A: No no no, the... In fact it's... there is

not a separate configuration file, the
configuration is embedded inside the

executable. So it is embedded into
rpcnetp.exe.

Herald: Unfortunately, we are already out
of time. So please thank our speaker

again.

<i>applause</i>

<i>postroll music</i>

subtitles created by c3subtitles.de
in the year 2019. Join, and help us!