Hacker News new | past | comments | ask | show | jobs | submit login

Which means that then the switch is _exactly_ "just a suggestion that is then handled in the card”s firmware". It doesn't cut the power to the card.



"in the firmware" part is pure speculation. It's fair to assume worst as a security best practice, but pedantically we just don't know if a mal-firmware can in fact ignore it. There could be like, the kill switch input distributed to radio amplifier and such. A lot of analog components has on-off(usually not-enable) inputs.


We don't actually know that. It's possible that connecting that pin shorts some circuit on the card that prevents it from operating. I suspect you're right though.


It usually is not, most cards will allow software unlocking even if the hardware switch is off. You can run 'rfkill unblock all' on a Linux system to test it.


rfkill shouldn’t be able to unblock hardblocks, “all” means “all cards here”, not “all of those nonsense”. Is that your experience or are you just theorizing?


It's pretty much just a button, if it doesn't physically cuts power, I'd suggest.

I think with billion dollar budget year after year, you pretty much go for firmware level attacks thees days. 0click 0day as-a-service is private economy and.. cheap and very different from what they want: long term backdoor access to everything, without the possiblility to spot it in user space or OS.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: