Endpoint Protection

  • 1.  Rootkit new frontiers?

    Posted Mar 25, 2009 03:49 PM
    I read an interesting article, "Newfangled rootkits survive hard disk wiping" by Dan Goodin. This article describes a new, potentially dangerous kind of rootkit that could still be alive even if the hard disk has been formatted.

    The Core Security Technologies researchers created a live test on two different computers, based on OpenBSD and Windows OS. The result was clear: after a hard disk replacement or a new OS installation, the injected rootkit was still there.

    More details in the "Newfangled rootkits survive hard disk wiping" article.





  • 2.  RE: Rootkit new frontiers?

    Posted Mar 25, 2009 03:57 PM

    That's amazing. I never knew that sort of thing was possible.

    I'm sure that since it's dealing with the BIOS, there might be some size restrictions but still, very interesting.

    You would probably be safe if the user ran the code as a Non-Admin.

    Wonder if a BIOS flash would kill it though.



  • 3.  RE: Rootkit new frontiers?

    Posted Mar 25, 2009 04:16 PM

    Simple - go back to protecting the BIOS like in the old days.
    Some BIOSes require very specific commands to be re-written, and not all are created equally. I honestly believe this would have problems because it would have to be specifically targeted. Not all BIOSes can be written/re-written using a single command.
    The BIOS is also quite limited on space - the size would be restrictive.
    Some boards also have a redundant BIOS (in case the user screws up the primary doing an upgrade!)
    I have a gut feeling this is POC and won't see the light of day for a very long time, and never, if PC makers protect the BIOS. Quit making the BIOS so simple to upgrade. Not too many years ago, you needed vendor specific commands or software to write into a BIOS, and not long before that, it wasn't even possible as the BIOS was designed originally as a RO device.
    Make it what IBM intended - BASIC IO instruction to communicate with the basic hardware only, leave the higher-level operating to the operating system.
    And honestly, I've not upgraded a BIOS on my computers for many years - I could live with a jumper set to prevent writing to the BIOS. FORCE the owner to remove a jumper before allowing BIOS writes. It's as simple as that.

    Lock the BIOS, do a real WIPE on a hard drive (formatting is lame and really doesn't remove any information from the drive at all - it's still there, only pointers have been removed, WIPE with DOD wipe.)
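The distinction the post above draws between formatting and wiping, shown on a constructed toy disk image. This is an added example, not code from the thread or from any real filesystem: the one-block directory table and fixed-size data blocks are an invented layout, and the multi-pass overwrite is only a stand-in for the DoD-style wipe the post refers to. A "quick format" here clears the directory (the pointers) and leaves every file byte in place, so a carving search still finds the data; an overwrite of every block does not.

```python
"""Toy disk image: block 0 is a directory table, the rest hold file data.

Layout and format are constructed for this example only.
"""
import os

BLOCK = 64      # bytes per block (constructed value)
NBLOCKS = 16    # blocks in the image (constructed value)


def new_disk():
    return bytearray(BLOCK * NBLOCKS)


def _entries(disk):
    # Directory entries are ASCII "name=start,length;" packed into block 0.
    raw = bytes(disk[:BLOCK]).rstrip(b"\0").decode()
    out = {}
    for ent in filter(None, raw.split(";")):
        name, loc = ent.split("=")
        start, length = map(int, loc.split(","))
        out[name] = (start, length)
    return out


def write_file(disk, name, data):
    entries = _entries(disk)
    # Allocate the first block after the last one already in use (block 0 is reserved).
    next_block = max((s + -(-l // BLOCK) for s, l in entries.values()), default=1)
    nblocks = -(-len(data) // BLOCK)
    if next_block + nblocks > NBLOCKS:
        raise ValueError("disk full")
    off = next_block * BLOCK
    disk[off:off + len(data)] = data
    entries[name] = (next_block, len(data))
    table = ";".join(f"{n}={s},{l}" for n, (s, l) in entries.items()).encode() + b";"
    if len(table) > BLOCK:
        raise ValueError("directory full")
    disk[:BLOCK] = table.ljust(BLOCK, b"\0")


def read_file(disk, name):
    start, length = _entries(disk)[name]
    return bytes(disk[start * BLOCK:start * BLOCK + length])


def quick_format(disk):
    # Only the directory table is cleared: the pointers are gone, the data is untouched.
    disk[:BLOCK] = bytes(BLOCK)


def wipe(disk, passes=3):
    # Overwrite every block, random passes followed by zeros (stand-in for a DoD-style wipe).
    for _ in range(passes):
        disk[:] = os.urandom(len(disk))
    disk[:] = bytes(len(disk))


def carve(disk, needle):
    # Forensic-style search over the raw image that ignores the directory entirely.
    return bytes(disk).find(needle) != -1


def demo():
    """Run the format-versus-wipe comparison and return what each step finds."""
    disk = new_disk()
    secret = b"ACCOUNT-NUMBER-12345"   # constructed sample content
    write_file(disk, "secret.txt", secret)
    results = {"readable": read_file(disk, "secret.txt") == secret}
    quick_format(disk)
    results["listed_after_format"] = "secret.txt" in _entries(disk)
    results["carvable_after_format"] = carve(disk, b"ACCOUNT-NUMBER")
    wipe(disk)
    results["carvable_after_wipe"] = carve(disk, b"ACCOUNT-NUMBER")
    return results


if __name__ == "__main__":
    for step, found in demo().items():
        print(f"{step}: {found}")
```

After the quick format the file no longer appears in the directory, yet `carve` still locates its contents; only after `wipe` overwrites every block does the search come back empty. Real filesystems keep far more metadata than this toy, but the mechanism is the same: a format rewrites bookkeeping structures, not the data blocks they point at.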



  • 4.  RE: Rootkit new frontiers?

    Posted Apr 03, 2009 07:27 AM
    I agree with your thoughts, ShadowsPapa: protecting the BIOS can prevent such kinds of attacks. I hope that the virus article was only a test, but sometimes a potential security breach becomes a real attack.


  • 5.  RE: Rootkit new frontiers?

    Posted Apr 03, 2009 10:34 AM
    No, I am not talking about the nuclear meltdown in the USSR in 1986, but rather the rampant virus, that could potentially "meltdown" your BIOS, released in 1999, ironically 13 years to the day after the actual meltdown.

    I don't know how far back some of you go, but back then, a BIOS was not removable with a simple extraction tool.  Nor was flashing a BIOS an easy feat.  The BIOS chip itself was soldered to the motherboard and everything was configured with jumpers...

    The good ol' days.  Even back then, they found ways to "sneak in" to your BIOS.  Nowadays...  you can download an executable payload from companies like DELL amongst others, where you simply double click and it flashes the BIOS for you.  No user interaction required (unless there is a BIOS pw).

    Using that principle alone, and knowing that the manufacturer uses multiple MB manufacturers, who in turn use different chips (AMI, Phoenix, etc.), it's not very hard to get the code necessary to do the flash from a "vulnerable" machine.

    Sometimes, when they try to make things "user friendly", they are really opening a door to every hacker, cracker, phreaker, script kiddy, etc. out there...