from the false-flag-to-justify-forced-secureboot dept.
The company ESET, based in Slovakia, has announced finding the first-ever UEFI rootkit in the wild. Once infected with the malware the only option is to reflash the SPI firmware or else replace the whole motherboard.
First spotted in early 2017, LoJax is a trojaned version of a popular legitimate LoJack laptop anti-theft software from Absolute Software, which installs its agent into the system's BIOS to survive OS re-installation or drive replacement and notifies device owner of its location in case the laptop gets stolen.
According to researchers, the hackers slightly modified the LoJack software to gain its ability to overwrite UEFI module and changed the background process that communicates with Absolute Software's server to report to Fancy Bear's C&C servers.
UEFI is an overly complex replacement for BIOS, and is often conflated with one of its payloads, Restricted Boot aka Secure Boot.
Volume 189 of The PCLinuxOS Magazine has an article on Bill Gates' evil prophecy from 40 years ago where he aims for ending general-purpose computing. He achieves that goal a step at a time over the decades, with the help of many a mole and quisling. Lately, the Pluton chip and Restricted Boot play both play key roles towards ending this era of general-purpose computing. The Pluton chip is an extension of the Trusted Platform Module (TPM) used by Vista10 and required by Vista11. Canonical, the maker of Ubuntu, and even its upstream source, Debian, folded years ago in regards to secure boot by using Microsoft's signing key, possibly cementing that as the norm. The article covers that and many other incidents leading up to the current situation.
There is an ever-decreasing amount of time left to keep general-purpose computing alive and the author signs off with how to approach the political maneuvers going on:
The implications are already starting to show
At the beginning of the year, Matthew Garrett, the researcher who created the UEFI bootloader for Linux (which I do not agree with at all, as it sets a precedent for Microsoft to abuse the market, with its position of power, should not be allowed under any circumstances) said that the Pluton chip was not an attack on users' freedom to use whatever operating system they wanted, which was not a threat.
In July 2022, he recanted, when he was unable to install Linux on a high-end Thinkpad Z13, complaining that this was not a legal practice by Lenovo.
But, that's what Microsoft wants. Under the guise of enforcing security, it blocks the machine's access to the user himself, being the gatekeeper of personal computing. In other words, "my" microcomputer is over. From now on, it will be Microsoft's microcomputer, and only what it allows will run...[sic]