Etydhv

Is it legal to have an abortion in another state or abroad?

Why are Stein manifolds/spaces the analog of affine varieties/schemes in algebraic geometry?

How did NASA Langley end up with the first 737?

Where is Jon going?

How to patch glass cuts in a bicycle tire?

Is superuser the same as root?

Can I tell a prospective employee that everyone in the team is leaving?

Why did the person in charge of a principality not just declare themself king?

Why didn't Thanos use the Time Stone to stop the Avengers' plan?

My players want to grind XP but we're using milestone advancement

Dad jokes are fun

Function argument returning void or non-void type

Are black holes spherical during merger?

What is the meaning of "<&3" and "done < file11 3< file22"

Drums and punctuation

How to politely tell someone they did not hit "reply to all" in an email?

Security vulnerabilities of POST over SSL

What weight should be given to writers groups critiques?

Can you output map values in visualforce inline using a string key?

How do I superimpose two math symbols?

Why did Jon Snow do this immoral act if he is so honorable?

Shorten or merge multiple lines of `&> /dev/null &`

What did the 'turbo' button actually do?

便利な工具 what does な means

Nuke it from orbit - surely can only mean bin and buy replacement?

Search for military installed backdoors on laptopWhat useful security reports can be extracted from a Windows-based machine and its related logs?How do you explain the necessity of “nuke it from orbit” to management and users?How can I restore my Windows certificate cache so I only have those from trusted CAs?What is the risk of copy and pasting Linux commands from a website? How can some commands be invisible?question about clean reinstallation of infected windows 7 (nuke from orbit approach)How can I make sure if my computer is infected and know if I have to nuke it from orbit?

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;

2

1

If there are places on a laptop malicious programs can leave elements, hooks, back doors etc, in locations such as BIOS, device controllers, firmware etc - what confidence can one have in wiping the disk and installing a fresh os image.

If I were to first use data destruction software to overwrite every individually addressable location on the hard disk, before secondly installing a freshly downloaded Windows image, this presumably isn’t much of a solution.

Surely, binning and buying a replacement is the only option? (Which would be dire, since the machine is new)

malware windows

share|improve this question

edited 8 hours ago

CompCat

asked 8 hours ago

CompCatCompCat

322

New contributor

CompCat is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Related: Search for military installed backdoors on laptop
  
  – forest
  8 hours ago
  
  

  
  
  
  

add a comment | 

2

1

If there are places on a laptop malicious programs can leave elements, hooks, back doors etc, in locations such as BIOS, device controllers, firmware etc - what confidence can one have in wiping the disk and installing a fresh os image.

If I were to first use data destruction software to overwrite every individually addressable location on the hard disk, before secondly installing a freshly downloaded Windows image, this presumably isn’t much of a solution.

Surely, binning and buying a replacement is the only option? (Which would be dire, since the machine is new)

malware windows

share|improve this question

edited 8 hours ago

CompCat

asked 8 hours ago

CompCatCompCat

322

New contributor

CompCat is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Related: Search for military installed backdoors on laptop
  
  – forest
  8 hours ago
  
  

  
  
  
  

add a comment | 

If there are places on a laptop malicious programs can leave elements, hooks, back doors etc, in locations such as BIOS, device controllers, firmware etc - what confidence can one have in wiping the disk and installing a fresh os image.

If I were to first use data destruction software to overwrite every individually addressable location on the hard disk, before secondly installing a freshly downloaded Windows image, this presumably isn’t much of a solution.

Surely, binning and buying a replacement is the only option? (Which would be dire, since the machine is new)

malware windows

share|improve this question

edited 8 hours ago

CompCat

asked 8 hours ago

CompCatCompCat

322

New contributor

CompCat is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

edited 8 hours ago

CompCat

asked 8 hours ago

CompCatCompCat

322

New contributor

CompCat is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

edited 8 hours ago

CompCat

asked 8 hours ago

CompCatCompCat

322

New contributor

CompCat is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked 8 hours ago

CompCatCompCat

322

New contributor

CompCat is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked 8 hours ago

CompCatCompCat

322

1 Answer
1

active

oldest

votes

6

You must do risk management. How likely it is that you and your laptop have been personally targeted? The vast majority of persistent malware operates entirely in software, and formatting the disk is more than enough to remove all traces of it. Sophisticated, firmware-resident malware is extremely rare and unlikely to be a threat unless you have particular reason to think that you are at risk. It is possible to check for firmware-level malware, but it requires a good understanding of common x86 architecture, and access to hardware to read from the flash chips. At a minimum, you'd need SPI readers for the BIOS/UEFI, and JTAG probes for the hard drive firmware and related.

If you don't have any reason to think you're being targeted, just format and re-install.

share|improve this answer

answered 8 hours ago

forestforest

42.7k18138155

add a comment | 

Your Answer

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "162"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

CompCat is a new contributor. Be nice, and check out our Code of Conduct.

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f210629%2fnuke-it-from-orbit-surely-can-only-mean-bin-and-buy-replacement%23new-answer', 'question_page');

);

Post as a guest

Name

Email

Required, but never shown

6

You must do risk management. How likely it is that you and your laptop have been personally targeted? The vast majority of persistent malware operates entirely in software, and formatting the disk is more than enough to remove all traces of it. Sophisticated, firmware-resident malware is extremely rare and unlikely to be a threat unless you have particular reason to think that you are at risk. It is possible to check for firmware-level malware, but it requires a good understanding of common x86 architecture, and access to hardware to read from the flash chips. At a minimum, you'd need SPI readers for the BIOS/UEFI, and JTAG probes for the hard drive firmware and related.

If you don't have any reason to think you're being targeted, just format and re-install.

share|improve this answer

answered 8 hours ago

forestforest

42.7k18138155

add a comment | 

6

You must do risk management. How likely it is that you and your laptop have been personally targeted? The vast majority of persistent malware operates entirely in software, and formatting the disk is more than enough to remove all traces of it. Sophisticated, firmware-resident malware is extremely rare and unlikely to be a threat unless you have particular reason to think that you are at risk. It is possible to check for firmware-level malware, but it requires a good understanding of common x86 architecture, and access to hardware to read from the flash chips. At a minimum, you'd need SPI readers for the BIOS/UEFI, and JTAG probes for the hard drive firmware and related.

If you don't have any reason to think you're being targeted, just format and re-install.

share|improve this answer

answered 8 hours ago

forestforest

42.7k18138155

add a comment | 

You must do risk management. How likely it is that you and your laptop have been personally targeted? The vast majority of persistent malware operates entirely in software, and formatting the disk is more than enough to remove all traces of it. Sophisticated, firmware-resident malware is extremely rare and unlikely to be a threat unless you have particular reason to think that you are at risk. It is possible to check for firmware-level malware, but it requires a good understanding of common x86 architecture, and access to hardware to read from the flash chips. At a minimum, you'd need SPI readers for the BIOS/UEFI, and JTAG probes for the hard drive firmware and related.

If you don't have any reason to think you're being targeted, just format and re-install.

share|improve this answer

answered 8 hours ago

forestforest

42.7k18138155

share|improve this answer

answered 8 hours ago

forestforest

42.7k18138155

answered 8 hours ago

forestforest

42.7k18138155

answered 8 hours ago

forestforest

42.7k18138155