Comment by throeurir
9 hours ago
So many wtf here. If anything this proves it is a backdoored network card
1) downloading Windows exe files from Chinese forums
2) the USB storage provided by network card can still contain malware,
3) or can be accidentally booted from
4) it has a universal USB controller, so can become any HID device: keyboard, mouse...
> 2) the USB storage provided by network card can still contain malware,
That seems unlikely given that "malware" is signed by Microsoft Windows Hardware Compatibility Publisher.
https://news.ycombinator.com/item?id=42680282
It proves it might be possible to backdoor it. Maybe.
I don't know of any modern systems that will execute anything on a newly inserted drive, nor boot from an external drive in the default configuration.
So we are missing a couple of things. First, a vulnerability in the OS/system. Second, an implementation of that vulnerability in a device like this.
Should this design be phased out? Perhaps. There is relatively little difference between not populating the flash memory part of the board and a proper network-only implementation.
1) China is a country, and in that country people use Windows and make /stuff/ that runs on Windows. A flash tool, which was only intended to be distributed to OEMs, only being found on obscure forums is in line with what I've experienced with similar NAND or BIOS flashers.
2) Any USB storage can contain malware. The driver that this one stores is digitally signed by Microsoft as mentioned in the article.
3) If there was a MBR boot block or EFI file, sure. But there isn't. See 2. And that would still require the user to have Secure Boot disabled and USB as the first boot option.
4) So any device with a universal USB controller is "prove[d] backdoored"?
> 1) downloading Windows exe files from Chinese forums
VMs exist. I highly doubt the author daily drives Windows XP.
> 2) the USB storage provided by network card can still contain malware
Well yes, but so can any other drivers. Downloading from the manufacturer's website isn't any more secure. Even signed drivers have been caught doing nasty stuff.
> 3) or can be accidentally booted from
True, but again this is quite a convoluted, noticeable, and unreliable way to compromise a system. Just injecting a handful of keystrokes will do it, and once the deed is done, the device can hide all evidence of malicious intent.
> 4) it has universal USB controller, so can become any HID device: keyboard, mouse...
This isn't wtf: a lot of devices nowadays are just microcontrollers hooked up to a USB connector. Quite a few normal USB drives can be reprogrammed to act as keyboards, and be used to get up to all sorts of shenanigans, including ones made outside of China.
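Added example, not part of the thread or of any commenter's post: the points about storage and HID come down to which interface classes a USB device announces, so this Python sketch walks a raw USB configuration descriptor and reports every interface class outside an allow-list for the device type. The sample descriptors, the allow-lists and the assumption that the network function enumerates as a vendor-specific class are constructed for illustration.

```python
import struct

# Added example; class codes are the standard USB-IF base class values.
CLASS_NAMES = {0x02: "CDC-control", 0x03: "HID", 0x08: "mass-storage",
               0x0A: "CDC-data", 0xFF: "vendor-specific"}
HID_PROTOCOLS = {1: "keyboard", 2: "mouse"}  # bInterfaceProtocol for HID

def parse_interfaces(blob):
    """Return (number, class, subclass, protocol) for each interface descriptor."""
    if len(blob) < 9 or blob[1] != 0x02:
        raise ValueError("not a configuration descriptor")
    total = struct.unpack_from("<H", blob, 2)[0]  # wTotalLength
    if total > len(blob):
        raise ValueError("truncated descriptor")
    out, pos = [], 0
    while pos + 2 <= total:
        length, dtype = blob[pos], blob[pos + 1]
        if length < 2 or pos + length > total:
            raise ValueError(f"malformed descriptor at offset {pos}")
        if dtype == 0x04 and length >= 9:  # interface descriptor
            out.append((blob[pos + 2], blob[pos + 5], blob[pos + 6], blob[pos + 7]))
        pos += length
    return out

def audit(blob, allowed_classes):
    """List interfaces whose class is not expected for this kind of device."""
    findings = []
    for num, cls, _sub, proto in parse_interfaces(blob):
        if cls in allowed_classes:
            continue
        label = CLASS_NAMES.get(cls, f"class 0x{cls:02x}")
        if cls == 0x03:
            label += "/" + HID_PROTOCOLS.get(proto, "other")
        findings.append(f"interface {num}: unexpected {label}")
    return findings

def build_config(*ifaces):
    """Constructed sample data: a config descriptor with endpoint-less interfaces."""
    body = b"".join(bytes([9, 4, n, 0, 0, c, s, p, 0]) for n, (c, s, p) in enumerate(ifaces))
    return struct.pack("<BBHBBBBB", 9, 2, 9 + len(body), len(ifaces), 1, 0, 0x80, 250) + body

# Constructed samples: vendor-specific NIC plus SCSI bulk-only storage, then the same with a boot keyboard.
NIC_WITH_STORAGE = build_config((0xFF, 0xFF, 0x00), (0x08, 0x06, 0x50))
NIC_WITH_KEYBOARD = build_config((0xFF, 0xFF, 0x00), (0x08, 0x06, 0x50), (0x03, 0x01, 0x01))

if __name__ == "__main__":
    print(audit(NIC_WITH_STORAGE, {0xFF}))
    print(audit(NIC_WITH_KEYBOARD, {0xFF, 0x08}))
```

The same `bInterfaceClass` fields appear in `lsusb -v` output on Linux. A reprogrammable device can enumerate again later with different descriptors, so a check like this only describes the enumeration it was run against.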