SecurityRatty: Whats a Phlash?

This is cache of http://spywarebiz.com/spywarebizblog/?p=457. Cache is the snapshot of article that we took when we index feed.
To see original page click here.
We are not affiliated with the authors of this article and not responsible for its content.

Whats a Phlash?

2008-05-20 19:49:00 by Doug Woodall in The Spyware Biz Blog

So instead of taking over the computer, you just have it trash itself?
It would be messy for sure. No software to run.
Jeez.

clipped from www.darkreading.com

Permanent Denial-of-Service Attack Sabotages Hardware

Smith will demonstrate how network-enabled systems firmware is susceptible to a remote PDOS attack — which he calls “phlashing” — this week at the EUSecWest security conference in London. He’ll also unveil a fuzzing tool he developed that can be used to launch such an attack as well as to detect PDOS vulnerabilities in firmware systems.

The danger with embedded devices is that they are often forgotten. They don’t always get patched or audited, and they can contain application-level vulnerabilities, such as flaws in the remote management interface that leave the door open for an attacker, according to Smith. And remote firmware updates aren’t typically secured, but rather set up to occur by default.