Philip Jaenke of rootwrym suggests that Dragos Ruiu’s analysis on badBIOS is dead wrong and goes on to justify his position in a compelling blog post.
My personal view on the veracity of the badBIOS claims are mixed. I believe that malware of such capability could theoretically exist but that the implementation may not be exactly as Ruiu claims. If the BIOS is involved then it is likely used as nothing more than a “bootkit” (ala Computrace) to ensure persistence. The audio covert channel I believe would likely be implemented within Windows for practical reasons.
I await the next installment of this saga in keen anticipation.
Mike the Crypto Goat 