Ask HN: How does “Passionatepolka” work?
I've read some things today which claim the NSA has a software tool called "Passionatepolka" which can brick a NIC remotely. Of course my first thought was to the Black ICe from fictional stories like Neuromancer and Shadowrun..
So I did some web searching, but I cannot find anything about this supposed program, and frankly I don't believe it exists. It shouldn't be possible to brick a network device using software alone across the internet, and if it were possible surely at least dozens of hackers would be discussing it on the internet somewhere, as happens with all significant exploits.
So my money is on government propoganda, but it's interesting enough to not disregard completely. Does anyone here know about this program and have some insight on how such a thing would function?
1 comment
[ 2.5 ms ] story [ 14.3 ms ] threadFirmwares in all sorts of consumer hardware are often quite lousy and weren't, until recently, even considered as vectors for exploits (and therefore seriously secured).
I've heard of viruses that hide in the USB disk/thumbdrive firmwares, for example - the protocols to update them are sometimes open and unrestricted, and other times not hard to figure out.
So it's not a particularly far-fetched idea that there would be vulnerabilities in some of the NICs, that allow remote exploits.
That no one talks about it is not really saying anything - remember the heartbleed bug, for example.