Phlashing attack permanently destroys hardware over the network

A scary new (theoretical) malware attack, Phlashing, involves tricking a remote device into letting you flash its firmware so that the machine can't ever be rebooted, and must be pulled out and replaced. They're calling it a "Permanent Denial of Service" (PDOS) attack -- there's a ton of tasty new coinages in this little bit of ugliness.
Smith will demonstrate how network-enabled systems firmware is susceptible to a remote PDOS attack -- which he calls “phlashing” -- this week at the EUSecWest security conference in London. He’ll also unveil a fuzzing tool he developed that can be used to launch such an attack as well as to detect PDOS vulnerabilities in firmware systems.

His so-called PhlashDance tool fuzzes binaries in firmware and the firmware’s update application protocol to cause a PDOS, and it detects PDOS weaknesses across multiple embedded systems.

Link (via /.)

Cory Doctorow

Where not otherwise specified, this work is licensed under a Creative Commons License permitting non-commercial sharing with attribution. Boing Boing is a trademark of Happy Mutants LLC in the United States and other countries.