Welcome to the dark corner of BIOS reverse engineering, code injection and various modification techniques only deemed by those immensely curious about BIOS
Friday, July 6, 2012
Implanting malicious hardware
After reading this and this over at Bunnie's blog, I came to think about how easily someone can "implant" malicious hardware anywhere in the supply chain before the hardware reaches its destination. Ball Grid Array chips are complex beasts to work with physically. But, with the BGA reballing tool, even a complex chip like that could be replaced with ease (quote from Bunnie's blog):
"Before seeing this, I was under the impression that reballing was an involved process, but with this jig the operator could strip and reball a chip in under a few minutes, which translates to a labor cost of a couple dozen cents."
This is insane. In PC motherboards, the chipset is mostly in BGA packaging. Flash ROM chips these days are back in the old "DIP" (Dual In-line Package), so it's quite easy to work with. But, to think that even BGA chips could be altered with ease is just mind-boggling.
Monday, July 2, 2012
Malicious Code Execution in PCI Expansion ROM Article
The "Malicious Code Execution in PCI Expansion ROM" article is up. You can read it at: http://resources.infosecinstitute.com/pci-expansion-rom/.
It's a mix of old and new things: what we already know about the old PCI expansion ROM as described in the PCI specification, plus the new "feature" added by the PCI firmware spec.
Labels:
PCI Option ROM
Friday, June 15, 2012
IDA Pro Support for EFI Byte Code (EBC)
IDA Pro already supports disassembling EFI Byte Code (EBC) binaries, as you can see at: http://www.hexblog.com/?p=116. This is a boon for those working with UEFI :-).
Anyway, EBC has been here for a while. So, that's expected.
Has anyone used it on a serious reversing project?
Labels:
BIOS/UEFI Reverse Engineering
Wednesday, April 4, 2012
Legacy BIOS Interrupt 13h Drive Numbering
I've been searching for drive numbering in legacy BIOS interrupt 13h for a couple of days when I finally stumbled on this Microsoft documentation: http://support.microsoft.com/kb/62571
This is the relevant excerpt:
"The BIOS Interrupt 13H uses a zero-based number for floppy disk drives ("A"= 0, "B"= 1, and so on), and a zero-based number with the high bit (bit 7) set for hard disks ("C"= 80H, "D"= 81H, and so on)."
Well, this info might have some use after all ;-)
Labels:
Hardware Specification
