
Questions tagged [driver]

The tag has no usage guidance.

6 votes
4 answers
6k views

Will installing a kernel mode driver onto a PC compromise the entire network it's connected to?

At home, my personal PC and work computers all connect to the same network, via ethernet and WiFi. A video game on my personal PC is requiring an install of a "kernel mode driver." At the ...
HC_
  • 327
1 vote
0 answers
208 views

How does IOMMU and/or Linux kernel handle DMA that spans a page boundary?

I am looking into how DMA works at the device driver and kernel level in the Linux kernel. I observed that access control to DMA buffers from IO devices is performed by the IOMMU and IOMMU driver in ...
sammy17
  • 41
1 vote
0 answers
130 views

Is having no driver installed better than having old driver?

How safe are installed & genuine-vendor signed old drivers, specifically when attackers are spoofing Microsoft and other vendor certificates? On older PCs and laptops where some components are no ...
Shubham Deshmukh
1 vote
1 answer
162 views

Can rootkit spread through ATA interface?

I have connected a hard disk containing bootable Windows to a system confirmed to have a rootkit and attached that disk to a couple of other systems through SATA. I'm wondering (It's kind of been ...
Shimla
  • 11
4 votes
2 answers
6k views

How does Uber PIN ("Verify my Ride") feature secure anything?

Haven't been using Uber for quite a while and now just bumped into this feature called "Verify my Ride": Verify Your Ride is a PIN verification feature that provides an optional extra layer ...
Greendrake
0 votes
1 answer
1k views

Is there a difference between a bootkit and a ring-0 rootkit?

I understand the difference between a Ring-0 rootkit and a Ring-3 rootkit, in terms of their hierarchical depth in computational models. That is kernel mode and usermode, respectively. I am confused ...
questioner
-2 votes
1 answer
147 views

Do Hardware Manufacturers Control PC's Remotely? [closed]

I'm struggling to wrap my head around the following thing: I have a video adapter (NVidia). It was bought new about a year ago and had the newest video drivers at the time I disabled all the NVidia ...
Alma Do
  • 823
6 votes
2 answers
600 views

Do antivirus programs increase your attack surface and potentially give more power to malware?

When I was a student one of my professors used to say that an antivirus actually increases your attack surface by injecting itself into system processes and let's say opening more doors for ...
Sir Muffington
0 votes
1 answer
658 views

What are the risks of allowing general users to add printers to their company laptops?

I work for a company with a large user base. There is a requirement to allow users to add printers to their laptops e.g. when working from home. What are the security risks? Is there a bad actor can ...
Architect
1 vote
0 answers
184 views

How to stop 3rd party libraries from being reported as malicious, if they were part of malicious programs in the past?

Some are standard user space DLLs and another one is actually a Windows driver. The libraries alone are not dangerous and are pure utilities but they can be used by bad guys, like most software tools....
miran80
  • 171
1 vote
1 answer
405 views

What physical damage can a user mode Windows driver do?

If a driver runs in kernel mode it obviously can manipulate everything (well everything in ring 0), so manipulating the file system or devices is a possibility. Potentially devices can be destroyed, ...
BenjaminH
  • 572
1 vote
0 answers
332 views

How to go about checking if Windows is running any untrusted drivers (programmatically)

I want to enforce a rule that my program start only if, at the time it launches, there are no untrusted kernel drivers running. I'm aware and have already tested file signature verification using ...
kundrata
  • 111
0 votes
1 answer
426 views

Intel Ethernet Driver Advanced Settings for Security/Privacy

There are some settings found on Device Manager > Ethernet Driver > Advanced Tab. Are there suggestions for any of these settings? or any suggestion to improve ethernet driver security? Adaptive ...
Quvok
  • 1
1 vote
2 answers
488 views

Is Zircon kernel (from Fuchsia OS) safer by being a microkernel?

Fuchsia's possible Android replacement uses the Zircon microkernel. This means that the drivers should run in userspace. Is this an advantage over Android? For example, closed source drivers now can't ...
Rafaelo
  • 31
2 votes
1 answer
138 views

How can I protect myself from intercepting messages sent to the server?

I want to collect certain data from my application using the driver and transfer it to the server to check its integrity. And I want to sign these packages using TPM to avoid forgery. However, a user ...
im_sorry
1 vote
2 answers
631 views

Are there any risks involved with plugging smartphones into Windows 7-10 computer's USB ports?

When you plug a smartphone into a USB port on a Windows 7-10 computer, often a small message box pops up on the Windows device indicating that drivers are being installed. This happens automatically ...
Amazon Dies In Darkness
2 votes
1 answer
869 views

Can a driver (malware) hide itself from device manager?

For security reasons, I have this question in mind. I am not a security professional, so I want to ask: Let's suppose my computer's firmware is hacked. If I disable the wifi driver on windows, can a ...
Bob
  • 35
2 votes
2 answers
306 views

Is it possible to determine which functions a kernel module calls?

Trusting kernel drivers is bad. Is there something we can do to have at least an idea about what it does? For example, let's suppose an armv8a linux kernel. I'd search for all the syscalls, which ...
Gatonito
  • 375
1 vote
1 answer
221 views

Rogue network printers as an attack vector in Windows

I recently installed a new printer in our network. Just because I was interested, I switched to Wireshark when scanning for and adding the printer on Windows. I noticed that it was discovered through ...
Tyrael
  • 13
0 votes
1 answer
403 views

Cross-signing certificates for Windows Driver Signing

For testing purposes I want to test cross-signing certificates for Windows driver signing. I understand the general concept: Two root CAs, one root CA cross-signs the other root CA's public key. ...
D.O.
  • 620
1 vote
3 answers
938 views

What are the requirements for third party apps to install kernel drivers on Windows?

Can any application install a kernel driver? If not, then how does Windows decide who can and who cannot? If AVs can install kernel drivers, considering they are an application with an installer just like ...
OneAndOnly
2 votes
0 answers
162 views

Computer that can't upgrade beyond Windows 1803 - safe to use until when? [closed]

I have an old computer that can't (at least according to Windows Update) upgrade beyond Windows 1803. (Probably due to the manufacturer not releasing updates to drivers.) Until when will it be safe to ...
ispiro
  • 793
1 vote
1 answer
878 views

Securing IPC between kernel and user-mode application

We are currently developing a security software for Windows. This application consists of a service running in user mode and a driver in kernel mode. These two need to communicate, so that the service ...
Michael Roth
-1 votes
1 answer
238 views

Are kernel mode drivers harder to compromise? [closed]

Of course the effects of a compromised kernel mode driver are more disastrous, but are they harder to compromise in the first place?
Jonathon Anderson
1 vote
2 answers
177 views

Driver separation?

Are there any (at least on plan or theoretical level) that drivers will be/are/would be separated in general? ex.: touchpad drivers shouldn't have to do anything with network access wireless drivers ...
Hessnov
  • 199
3 votes
1 answer
257 views

Printer Driver Threats

In an environment where users connect their devices to printers through USB, the device will be prompted to install its driver if it's the first time. As far as I'm aware for OSX, the drivers are ...
Jack
  • 83
1 vote
1 answer
573 views

Can we stop aimbots by introducing a "Protected Input Path" that ensures that mouse input really comes from the mouse?

When playing First Person Shooters online it's possible to stumble on opponents using aimbots. They are really a plague, and I was wondering whether there is anything that can be done to block them. ...
Fabio says Reinstate Monica
1 vote
2 answers
4k views

Airodump-ng doesn't capture handshake or see any devices connected on Kali, but captures everything on Backtrack. How to fix it? [closed]

I ran into a problem in using Kali Linux system. Kali doesn't allow me to see any devices connected to certain spot or capture any handshakes, I know that it can capture them (and see connected ...
RaulAlkino
2 votes
3 answers
1k views

Unsigned Windows driver

After regular Windows update I noticed that my video card's driver had suddenly stopped working. I made a rollback to a previous system backup and took a look at this video card driver's information: ...
AseN
  • 154
2 votes
2 answers
242 views

How I rescue my hardware from a Trojan

I got some hardware from China that comes with a RAR archive containing a "driver installer" exe, as well as a file, lpk.dll, which appears to be a Trojan that infects RAR files. I'm now quite ...
Lucas
  • 1,029
5 votes
2 answers
579 views

Is it safe to install phone driver?

When I connect most Android phones to a Windows 7 computer via USB, Windows will install the appropriate drivers for the device. My (possibly incorrect) understanding is that those drivers come with ...
Amazon Dies In Darkness
1 vote
2 answers
242 views

How to protect a PC against sensitive data access by malicious app/driver

As a software developer I frequently work with various USB-attached peripherals in the prototype stage and their drivers. Sometimes the peripherals come from companies that I do not know well or ...
rsp1984
  • 143
3 votes
1 answer
758 views

Has any exploit leveraged a Video Driver flaw in WebGL?

Microsoft delayed support for WebGL due to the fact JavaScript could exploit driver weaknesses. In the years that have passed, in WebGL's adoption, are there any exploits of WebGL that supports their ...
makerofthings7
1 vote
1 answer
808 views

Firmware backdoor in external hard drive without a specific driver possible?

I heard that researchers found some external hard drive with embedded backdoor (into the firmware). I don't know if an external hard drive backdoor can be executed only by using a generic driver. ...
Duke Nukem
5 votes
1 answer
367 views

Could the unused Mali GPU in the Libre Tea Computer Card be a security risk?

The Libre Tea Computer Card is a single-board computer that comes without any proprietary software (at least that’s the goal, it’s currently in crowdfunding): […] all firmware and kernel sources ...
unor
  • 1,799
3 votes
2 answers
2k views

Can you trust driver download websites? [closed]

I am looking for a driver and typed the hardware ID into google. I found information as well as sites that offer the driver. I am hesitant to accept the offer since they are not the original source ...
Johannes
  • 133
8 votes
1 answer
1k views

How to mitigate risk of X11 buffer ghosting (palinopsia bug)

The Buffer "Ghosting" Phenomenon It is possible to observe contents of (old and currently used) graphics buffers on a monitor under certain circumstances, posing an information disclosure risk, when ...
1 vote
1 answer
348 views

Windows command line does not check for revoked certificates: How bad is it?

I recently updated my D-link wifi dongle driver. However, I had to do this through the command line because Microsoft revoked the D-link certificates after a leak. The executable would simply not ...
Nzall
  • 7,583
5 votes
3 answers
583 views

How risky is it to use non-free wireless network driver?

Intel wireless network adapter in my computer requires a non-free driver to work. I don't want to install non-free software to my Debian system. However it is a notebook and without wireless network ...
hrmncd
  • 173
0 votes
1 answer
7k views

How does driver install with an expired cert?

I'm working on making a silent installer of WinpkFilter driver. In my silent installation, I'm always getting a (not so silent) prompt that says "Windows can't verify the publisher of this driver ...
bzupnick
  • 131
2 votes
1 answer
163 views

Security implication of non-free drivers

I was wondering what the security implications are of using non-free drivers on a Linux laptop. Especially for graphics and wifi.
vrbbik
  • 29
3 votes
2 answers
1k views

Can a Vulnerability Management tool highlight BIOS and driver-level vulnerabilities?

Several known vulnerabilities affect BIOS (Reference URLs below). So my question is, are the Vulnerability Management tools (such as Nessus, NeXpose, Qualys, etc) technically capable of highlighting ...
lisa17
  • 1,998
3 votes
0 answers
289 views

Does Windows 8 UEFI Trusted Boot protect SSDT table from modification?

I read from a link that says: Trusted Boot takes over where Secure Boot leaves off. The bootloader verifies the digital signature of the Windows 8 kernel before loading it. The Windows 8 kernel, ...
Jos8ph
  • 31
8 votes
3 answers
6k views

What are the implications of including binary blobs in the Linux kernel?

According to this there are compelling reasons for caution when installing obfuscated binaries. Knowing this, how can running binary blobs as a part of the Linux kernel be acceptable from a security ...
Reed G. Law
17 votes
2 answers
3k views

Is OpenGL a security problem?

Today, almost all desktop and most mobile operating systems and devices support some version of OpenGL. I'm wondering about the security implications of that: In many cases, the GPU has complete and ...
lxgr
  • 4,283