Gigabyte Motherboards Self-Hacked

Newtun

Storage is nice, especially if it doesn't rotate
Joined
Nov 21, 2002
Messages
490
Location
Virginia
Alarming report from https://arstechnica.com/security/20...therboards-were-sold-with-a-firmware-backdoor:

Millions of PC motherboards were sold with a firmware backdoor​

Hidden code in many Gigabyte motherboards invisibly and insecurely downloads programs.

I built my oldest PC, about 15⅞ years ago, using a GB 965P-DS3 mobo. I assume that's too long ago for that backdoor "feature". It's still going strong, running World Community Grid research into cancer and COVID 24×7×2×100%, using a Pentium dual-core e5200, OC'ed from 2.5 to 3.2 GHz.

At the time, I thought Gigabyte was pretty reliable for consumer-grade hardware.
 

LunarMist

I can't believe I'm a Fixture
Joined
Feb 1, 2003
Messages
17,497
Location
USA
Isn't that what Intel does all the time on the management engines? And Windows is constantly spying on you and updating all kinds of crap.
 

sedrosken

Florida Man
Joined
Nov 20, 2013
Messages
1,817
Location
Eglin AFB Area
Website
sedrosken.xyz
I heard about this yesterday, and thankfully it seems mine isn't one of the models listed. For some reason either they neglected to mention any X470 parts, or the X470 parts genuinely aren't affected -- not that it matters anyway mind, since I don't run Windows and would have turned off any "smart update" feature or whatever it hooked in the first place.

Yes, Lunar, there's some controversy about the Intel Management Engine and AMD's PSP, but at the very least they keep the technical details behind those hush-hush enough that one would have the impression that they're implemented just a tad more securely.
 

Mercutio

Fatwah on Western Digital
Joined
Jan 17, 2002
Messages
22,290
Location
I am omnipresent
Users can and probably should turn off LAN access by UEFI or disable the @App Center Download. The mitigation is fairly straightforward for people comfortable enough to get in to the firmware interface.
 
Top