• stown@lemmy.world
    link
    fedilink
    English
    arrow-up
    17
    ·
    1 year ago

    More importantly, does the attacker need physical access to the computer or can this be performed over the Internet/local network?

    • stown@lemmy.world
      link
      fedilink
      English
      arrow-up
      26
      ·
      1 year ago

      I’ll answer because I found the information. It appears that the attacker would need to rely on physical access to the machine OR another exploit that lets them access the computer remotely.

      • d3Xt3r@lemmy.nz
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Or they could just get you to execute the command without your knowledge (eg: all the people who just blindly copy-paste commands, or pipe scripts from the net into sudo). Or it could be a compromised github account/repo (supply-chain attack). Or even the ol’ techsupport scam where they get gullible users to install stuff…

    • linearchaos@lemmy.world
      link
      fedilink
      English
      arrow-up
      11
      ·
      1 year ago

      They need to be able to place a malicious file in EFI boot partition or in an unsigned section of a firmware update. Holes in the libraries that parse images for display on preboot.