Malware installed at factory?
#1
Someone on Reddit reported that their Pinebook Pro arrived with a strange-looking autorun.inf file in the boot partition, which looked like it came from some kind of virus or other malware: https://old.reddit.com/r/PINE64official/...partition/

This particular malware might be targeted at Windows and (perhaps) not cause any harm on Linux, but if the system at the factory is compromised in this way, it could be running any number of other malicious programs resulting in the installation of literally anything on the devices.

So I have two questions:

1) Could a malicious program persist itself on the Pinebook Pro (or PinePhone) to survive after the OS is installed, for example by flashing malicious firmware or modifying the boot process? Or will it definitely be clean with a fresh OS install?

2) Should users be advised to install their own OS and not trust the pre-installed software, if the factory can't be trusted? This would affect the plan to have the PinePhone come with the user's choice of software pre-installed.
  Reply
#2
(02-13-2020, 04:55 PM)ptx Wrote: 1) Could a malicious program persist itself on the Pinebook Pro (or PinePhone) to survive after the OS is installed, for example by flashing malicious firmware or modifying the boot process? Or will it definitely be clean with a fresh OS install?

In theory it's possible to get reinfected if the onboard boot chip is written with something, but in general everything is loaded from sdcard/emmc etc so wiping those would wipe everything. The payoff of getting this to work would be pretty low so I doubt anyone would do this.
  Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  eMMC malware burp 6 630 06-13-2019, 07:24 PM
Last Post: tllim

Forum Jump:


Users browsing this thread: 1 Guest(s)