The Silicon Underground

Home » Page 311

The AMI BIOS breach of 2013

Dave Farquhar security April 6, 2013November 30, 2018amd, AMI, garage sale, intel, malware, UEFI

A security professional’s nightmare happened to AMI this week. Tons of confidential data, including the source code for the UEFI BIOS for Intel Ivy Bridge-based systems and an AMI-owned private key for digital signatures, turned up on a wide-open FTP server for all comers to download anonymously. This AMI BIOS breach has numerous implications.

The implications are nearly limitless. To a malware author, this is like finding a hollowed-out book at a garage sale stuffed with $100 bills with a 25-cent price sticker on the front. If you’re a budding security professional, count on being asked in job interviews why you need to protect confidential information. The next time you get that question, here’s a story you can cite.

Take a peek at Bill Gates’ pre-Microsoft resume

Dave Farquhar Retro Computing April 5, 2013April 10, 2017Bill Gates, Paul Allen

Bill Gates and Paul Allen posed for a re-creation of a famous early Microsoft photograph this week; at the same event, Gates’ pre-Microsoft resume surfaced.

Although it’s counterintuitive, AT&T’s new password policy makes sense

Dave Farquhar security April 4, 2013November 3, 2025AT&T, leaks, password list, password requirements, passwords

AT&T has a new password policy that forbids the use of certain common words in passwords, including some words of a colorful nature.

Yes, it reduces the number of possible passwords, but that isn’t exactly a bad thing.

Firefox 20 is out. I don’t blame you if you wait for 20.1.

Dave Farquhar Software April 3, 2013April 2, 2013firefox

I need to sync my haircut cycle with Firefox’s release cycle. It’s that time again. Version 20 is out, and it has some new features, but as frequently as dot-one releases follow new releases, I don’t blame you if you wait.

I usually update at least one of my machines right away, if only out of curiosity, but tend to let the others lag a day or two. Or a week.

How I once took down a network, including a radio station

Dave Farquhar Hardware, Retro Computing, War Stories April 3, 2013March 23, 20221990s, AOL, IBM, os 2, ps 2, Token Ring, troubleshooting

I met up Monday night with some other security professionals for some emergency networking of the professional kind. One of the attendees, a penetration tester, had a little incident where he took down a production system when he conducted his penetration test. The system owners were a bit arrogant, and, well, they paid for it.

I’ve taken down a network too, but in my case it wasn’t something security-related. No, in my case, I was a 20-year-old desktop support technician working in a college computer lab, making an honest mistake.

Scratchbuilding, Marx-style

Dave Farquhar Toy trains April 2, 2013April 1, 2013boxcar, boxcars, greenberg, KCS, lionel, marx, marx trains, tin, Wayne Wesolowski

I saw a modern-production Lionel box car in a hobby shop one weekend. I wanted it, but I really wanted it in Marx 3/16 style, so it would look right with my Marx #54 KCS diesels pulling it. But I face very long odds of ever getting that car in Marx 3/16 unless I build it myself.

So I started building. And you can too.

What I learned about air travel by globetrotting back and forth to Baltimore and D.C.

Dave Farquhar Uncategorized April 2, 2013April 1, 2013Angry Birds, Big Pond, TSA

In 2011-2012, I flew to Baltimore or Washington D.C. a lot–probably eight times, if not more. Internet pal Rob O’Hara wrote about his recent flight to Seattle this weekend; predictably, they lost his bags.

Here’s what I learned by getting to know the Baltimore area by plane.

Shakespearean surprises

Dave Farquhar Uncategorized April 1, 2013April 15, 2017syntax

This oft-cited story about Shakespeare’s wealth and how he got it in the Telegraph led me–as the Internet often does–to something else: Shakespeare as therapy.

My earliest memory of using a computer

Dave Farquhar Retro Computing April 1, 2013July 11, 2022atari, cart, commodore, commodore vic 20, tape drive, video game

Gizmodo asked this weekend about earliest computer memories, and illustrated it with a computer that sported a 3.5″ floppy drive. Young whippersnappers.

My first memory was in 1981 or 1982. Dad went to see one of his coworkers in his home, and brought me along. He had a son a few years older than me, probably about 12 years old, and there in the living room was something I’d never seen before, connected to a television and sitting on a desk. “What’s that?” I asked.

“This is a computer,” he said. Then he inserted a Choplifter cartridge and taught me how to play. Read more

A quick fix for the Insignia NS20EM50A13 monitor’s biggest annoyance

Dave Farquhar Hardware March 31, 2013March 30, 2013insignia, VGA

I’ve written about the Insignia NS20EM50A13 monitor before. It’s a reasonably good low-end monitor with the annoying tendency to change the video input back to VGA any time your system goes to sleep or changes from text to graphics mode. I accidentally discovered this week–after using the monitor for months–that if you push the OK button on the front of the monitor, it brings up the input menu, allowing you to quickly flip it back to DVI without fumbling through the menus.

I still wish the monitor would let me set the default to DVI and make it stay that way, but this is an acceptable workaround for the price, at least for me.