Questions tagged [driver]
41 questions
16
votes
2 answers
Is OpenGL a security problem?
Today, almost all desktop and most mobile operating systems and devices support some version of OpenGL. I'm wondering about the security implications of that:
In many cases, the GPU has complete and unrestricted access to the main memory (for…
lxgr
- 4,094
- 3
- 28
- 37
8
votes
1 answer
How to mitigate risk of X11 buffer ghosting (palinopsia bug)
The Buffer "Ghosting" Phenomenon
It is possible to observe contents of (old and currently used) graphics buffers on a monitor under certain circumstances, posing an information disclosure risk, when combined with shoulder surfing:
Growing a Window…
user66981
7
votes
3 answers
What are the implications of including binary blobs in the Linux kernel?
According to this there are compelling reasons for caution when installing obfuscated binaries. Knowing this, how can running binary blobs as a part of the Linux kernel be acceptable from a security point of view? There exists a blob-free version of…
Reed G. Law
- 173
- 1
- 6
6
votes
2 answers
Do antivirus programs increase your attack surface and potentially give more power to malware?
When I was a student one of my professors used to say that an antivirus actually increases your attack surface by injecting itself into system processes and let's say opening more doors for controlling and manipulating the PC for malware and by that…
Sir Muffington
- 1,447
- 2
- 9
- 22
5
votes
2 answers
Is it safe to install phone driver?
When I connect most Android phones to a Windows 7 computer via USB, Windows will install the appropriate drivers for the device.
My (possibly incorrect) understanding is that those drivers come with Windows or, if needed, are downloaded from…
RockPaperLz- Mask it or Casket
- 3,114
- 21
- 50
5
votes
1 answer
Could the unused Mali GPU in the Libre Tea Computer Card be a security risk?
The Libre Tea Computer Card is a single-board computer that comes without any proprietary software (at least that’s the goal, it’s currently in crowdfunding):
[…] all firmware and kernel sources are GPL-licensed and will always remain so, and have…
unor
- 1,769
- 1
- 19
- 38
5
votes
3 answers
How risky is to use non-free wireless network driver?
Intel wireless network adapter in my computer requires a non-free driver to work. I don't want to install non-free software to my debian system. However it is a notebook and without wireless network it is not very useful for me.
I wonder how risky…
Luke
- 173
- 6
3
votes
2 answers
Can a Vulnerability Management tool highlight BIOS and driver-level vulnerabilities?
Several known vulnerabilities affect BIOS (Reference URLs below). So my question is, are the Vulnerability Management tools (such as Nessus, NeXpose, Qualys, etc) technically capable of highlighting BIOS and driver-level vulnerabilities? Is this…
lisa17
- 1,958
- 7
- 21
- 43
3
votes
0 answers
Does Windows 8 UEFI Trusted Boot protect SSDT table from modification?
I read from a link that says:
Trusted Boot takes over where Secure Boot leaves off. The bootloader verifies the digital signature of the Windows 8
kernel before loading it. The Windows 8 kernel, in turn, verifies every other component of the…
Jos8ph
- 31
- 2
3
votes
1 answer
Printer Driver Threats
In an environment where users connect their devices to printers through USB, the device will be prompted to install its driver if it's the first time. As far as I'm aware for OSX, the drivers are downloaded from Apple and you can't download without…
Jack
- 83
- 6
3
votes
1 answer
Has any exploit leveraged a Video Driver flaw in WebGL?
Microsoft delayed support for WebGL due to the fact Javascript could exploit driver weaknesses.
In the years that have past, in WebGL's adoption, are there any exploits of WebGL that supports their original position?
makerofthings7
- 50,090
- 54
- 250
- 536
3
votes
2 answers
Can you trust driver download websites?
I am looking for a driver and typed the hardware ID into google. I found information as well as sites that offer the driver.
I am hesitant to accept the offer since they are not the original source and I do not know their business model.
Is it…
Johannes
- 133
- 4
2
votes
1 answer
How can I protect myself from intercepting messages sent to the server?
I want to collect certain data from my application using the driver and transfer it to the server to check its integrity. And I want to sign these packages using TPM to avoid forgery. However, a user can trick my program by writing a similar driver…
im_sorry
- 23
- 2
2
votes
1 answer
Can a driver(malware) hide it self from device manager?
For security reasons, I have this question in mind. I am not a security professional, so I want to ask:
Let's suppose my computer's firmware is hacked. If I disable the wifi driver on windows, can a kind of virus (hidden driver software does not…
Bob
- 35
- 4
2
votes
2 answers
Is it possible to determinate which functions a kernel module calls?
Trusting kernel drivers is bad. Is there something we can do to have at least an idea about what it does?
For example, let's suppose an armv8a linux kernel. I'd search for all the syscalls, which according to https://stackoverflow.com/a/12951533,…
Gatonito
- 121
- 1