|
0x48 0x65 0x6c 0x6c 0x6f 0x20 0x57 0x6f 0x72 0x6c 0x64 0x21
would be a more applicable, programmer oriented, message for something worn outdoors
(unless my hex is wrong)
|
|
|
|
|
Your hex / Ascii is fine.
The World wrote: Hello yourself!
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
|
Big-endian or little-endian?
|
|
|
|
|
lol you should totally be wearing one
|
|
|
|
|
|
She fine.
Aw, you meant the encoding
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
"If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
|
|
|
|
|
|
Strut
If you can't laugh at yourself - ask me and I will do it for you.
|
|
|
|
|
yep
|
|
|
|
|
I was reading this article where the author says this is possible:
Espionage or Journalism? After the Snowden NSA Leaks - The Atlantic[^]
Quote: I sent a forensic image of its working memory to a leading expert on the security of the Macintosh operating system. He found unexpected daemons running on my machine, serving functions he could not ascertain. (A daemon is a background computing process, and most of them are benign, but the satanic flavor of the term seemed fitting here.) Some software exploits burrow in and make themselves very hard to remove, even if you wipe and reinstall the operating system, so I decided to abandon the laptop.
|
|
|
|
|
Off tbe top of my head, one could write a virus that modified the BIOS of a computer so that it loaded at every reboot. This would then inspect the installed operating system and download the appropriate daemon from the control website.
I'm certain that real virus writers could be much more creative.
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
Depends how you do it - there are MBR viruses (and I think I've heard of GPT viruses as well) which can survive a reformat of the system partition. It's also possible to infect the BIOS / UEFI, though that's a lot harder, so they are pretty rare: BIOS Virus - Microsoft Community[^]
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
To answer the question in the subject line:
Yes, any product having an update-able bios can retain a malware.
Which is most hard drives, motherboards and graphic cards.
|
|
|
|
|
if the hard drive will not boot/reboot, then formatting will not work, and there are viruses that will break your machine's ability to boot/reboot.
Other than that I would have to Google for answers, just as I am sure you did already.
|
|
|
|
|
Yes, this is possible. The flash bios on any hardware that has a flash bios can be infected, i.e. a graphics card, the motherboard, etc. I saw this first hand back in the mid 90's when flash bios started to become a thing. The company had ordered 24k modems for all of the lab workstations to upload lab results to an offsite reporting service. Due to the nature of the flash bios on the modems, one got infected from a user running a DOS application downloaded from a BBS. It took us, seems like, forever to discover that the hardware itself was compromised and had to be removed from the workstation.
"When you are dead, you won't even know that you are dead. It's a pain only felt by others; same thing when you are stupid."
Ignorant - An individual without knowledge, but is willing to learn.
Stupid - An individual without knowledge and is incapable of learning.
Idiot - An individual without knowledge and allows social media to do the thinking for them.
modified 19-Nov-21 21:01pm.
|
|
|
|
|
OK, it looks like there is a type of virus that infects the Master Boot Record. So wouldn't that be wiped if I do a re-partition on the drive?
|
|
|
|
|
Not necessarily; it depends on what the repartitioning software actually updates.
If it read the current MBR, updates only the partition size(s), and then writes it back, the virus code will still be there. If it rewrites the entire MBR, it will probably kill the virus.
The best way to handle MBR viruses is to:
- Backup your data from the partition(s) (not an image backup!)
- Zero the disk using DBAN or any other convenient disk zapper that works on the ENTIRE disk (not on disk partitions)
- Repartition the disk and reinstall all software (this will also be a good chance to get rid of any cruft that has accumulated over time - just don't reinstall it).
- Perform a full anti-virus sweep (using your newly-reinstalled anti-virus software) on the disk. If all is OK, make an image backup of the disk.
- Lastly, restore your data.
There may be quicker methods, but none are more certain.
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
As others pointed out already, the MBR is in the startup chain, selecting the needed (and more obviously named) bootsector on a partition of the disk. In the early nineties at least, we called this the partitionsector. In that time, people did not seem to be generally aware of this. Once I was home with a flue, I got a call from work for assistance from just such an impossibly recurring virus. I had to feel my way with debug calling int 13h but succeeded tracing the problem to the MBR and overwriting the sector with the normally formatted partition sector. Forgot all about my flue in the proces.
|
|
|
|
|
Let me try a (speculative) answer along different lines:
1. If it's a QuickFormat, then virus data can still exist in sectors that are marked as clean of files. Of course, this virus is not active. I am just pointing out that a virus could use this to store its payload or stolen data for later use, if it was able to reactivate itself somehow.
2. Another vector would be a false format. If you format a disk (not the OS boot disk) from a computer that has malware, it could run a fake format that leaves things apparently blank, but in reality the disk is booby-trapped for the virus to reactivate itself. It would be quite tricky to pull this off, survive an OS reinstallation etc.
|
|
|
|
|
I always do a deep format, that way I can determine the health of the hard drive.
|
|
|
|
|
I saw a proof-of-concept that a laptop battery firmware could be weaponized.
Outside of a dog, a book is a man's best friend; inside of a dog, it's too dark to read. -- Groucho Marx
|
|
|
|
|
This has been discussed as to WHY you SHOULD ONLY USE a charging USB Cable!
The USB can be flashed from a public charging stand infected. And it is basically impossible to detect, because the virus LIES about being installed (imagine my shock!), and it adds itself on all future updates.
Only possible if a Data Cable is used!
|
|
|
|
|
I remember the rootkit scandal with Sony many (15?) years ago. It was something that hid itself from the operating system, but I guess that could be removed by a complete format of the hard drive.
As other have pointed, if your BIOS can be updated by software (my Dell computer every now and then updates its BIOS), you could definitely put a virus in there.
It would be an interesting task for a weekend
|
|
|
|
|
I knew a company whose security product was designed to survive exactly that, by storing info in the interpartition gaps. BIOS mods (by the BIOS mfr) brought that info back out again.
|
|
|
|