
Please let me know if this question is more appropriate for Security.

What kinds of damage can an attacker with physical access to a Pi cause?

In a desktop PC or laptop, an attacker with physical access might be able to hide malware in, say, the device's firmware or even the BIOS. Considering that the Pi is built differently from other computers, is there any way to hide malware in the Pi, say in the device's firmware, like in those computers?

Say, someone who was targeted by an attacker ordered a Pi online and had his delivery intercepted and compromised. Can an attacker install and hide malware somewhere on board the Pi itself?

user942937
  • Yes, no problem. Pi is just a computer. – tlfong01 Aug 24 '19 at 01:58
  • If you have access to a Pi, you could just swap the SD card, or the Pi itself. – Michael Harvey Aug 24 '19 at 07:41
  • It might make sense to research this the other way around, e.g., finding out if there is any such thing as "firmware that *cannot* be maliciously altered". >_> – goldilocks Aug 24 '19 at 12:44
  • Maybe worth reading: https://raspberrypi.stackexchange.com/q/8963/5538 It's stated there that the base SoC firmware resides on an internal ROM and cannot be modified. The primary question here then is really whether or not the additional firmware loaded at boot from the SD card persists in the SoC after power down, and I am pretty sure the answer is *no*, because it is actually stored in the board's RAM (I did not find a reference for this, but I did not look very hard). – goldilocks Aug 24 '19 at 15:17
  • So: https://raspberrypi.stackexchange.com/q/101888/5538 – goldilocks Aug 24 '19 at 15:37
  • Nothing is stored on a RPi when the power is off and the SD card is removed. – Dougie Aug 24 '19 at 18:51
  • That's not quite true -- the first stage bootloader is on a ROM chip in the SoC. Which is non-modifiable, but then something is, because you can permanently set things such as booting from USB instead of SD. Doesn't *seem* like much of an attack vector, but I dunno much about that stuff either. And as Ingo points out, on the Pi 4 an EEPROM has replaced the 2nd stage bootloader that was on the SD card. That's modifiable, and it would certainly be a vulnerability of the sort the OP is curious about. – goldilocks Aug 25 '19 at 10:55

1 Answer


If you have physical access to a computer, including a Raspberry Pi, you do not have any chance to avoid attacks. The attacker can just do what he wants with the hardware and software, even simply replace the whole Raspberry Pi with a prepared one. He has lots of time to prepare a RasPi beforehand, and then replace it very quickly.

Even putting the RasPi into a safe doesn't help, because "physical access" means that the safe's door is open.

You may consider installing a checksum program like samhain to monitor new or changed software. But an attacker will checksum his malware as accepted software with that samhain installation after installing the malware, so the samhain monitor will not alert on it.

Apart from using the SD card, on a Raspberry Pi 4B you can reprogram its boot EEPROM. On other RasPis you can program the OTP (One-Time Programmable memory).

jsotola
Ingo
  • Hi. Thanks for answering. If an attacker were to replace my Pi with a compromised one, it would have to be a perfectly working Pi that happened to be compromised. What I'm asking is if there's a way for malware to be installed in or persist somewhere on the Pi outside the operating system. – user942937 Aug 24 '19 at 12:38
  • @user942937 I have updated the answer. – Ingo Aug 24 '19 at 16:23
  • The documentation for the EEPROM you linked states that: "If the EEPROM needs updating or has somehow become corrupted, it can be reflashed using a fresh SD card with a copy of recovery.bin in the first partition of an SD card, formatted to FAT32." Assuming an attacker had gotten to it, would simply rewriting/reflashing it be enough to wipe it? – user942937 Aug 29 '19 at 00:18
  • @user942937 I don't know, but it was said that the EEPROM can be reflashed, and at least flashing it with all zeros will in fact wipe it. – Ingo Aug 29 '19 at 07:13
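The answer's point about samhain, that an attacker with the device in hand can simply re-baseline his malware as "accepted", is easy to see with a small integrity checker. The following is an added illustration, not code from the question, the answer, or the samhain project: it is a deliberately simplified keyed manifest (SHA-256 of every file plus an HMAC over the file list), run over a constructed temporary directory whose file names (bootcode.bin, start4.elf, config.txt) merely stand in for a Pi's FAT boot partition. The three scenarios are: a tampered boot file is caught; an attacker who also finds the HMAC key on the same card re-baselines and the check reports clean; and an attacker who does not have the key can rewrite the file list but cannot produce a valid MAC.

```python
"""Integrity baseline for a Pi boot partition, and why an attacker who also
holds the key can silently re-baseline.  Added illustration only; the keyed
manifest below is a simplification, not samhain's own format."""
from __future__ import annotations

import hashlib
import hmac
import json
import os
import tempfile
from pathlib import Path


def hash_tree(root: Path) -> dict[str, str]:
    """SHA-256 of every regular file under root, keyed by relative path."""
    digests: dict[str, str] = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            digests[str(p.relative_to(root))] = hashlib.sha256(p.read_bytes()).hexdigest()
    return digests


def _manifest_mac(files: dict[str, str], key: bytes) -> str:
    body = json.dumps(files, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def build_baseline(root: Path, key: bytes) -> dict:
    """File digests plus an HMAC so the manifest can't be edited without the key."""
    files = hash_tree(root)
    return {"files": files, "mac": _manifest_mac(files, key)}


def verify(root: Path, baseline: dict, key: bytes) -> tuple[bool, list[str]]:
    """Return (manifest_authentic, sorted list of added/removed/changed paths)."""
    authentic = hmac.compare_digest(_manifest_mac(baseline["files"], key), baseline["mac"])
    now, old = hash_tree(root), baseline["files"]
    diffs = sorted(p for p in set(now) | set(old) if now.get(p) != old.get(p))
    return authentic, diffs


def demo() -> dict:
    """Constructed scenario: a temp dir stands in for /boot (names are stand-ins)."""
    with tempfile.TemporaryDirectory() as d:
        boot = Path(d)
        (boot / "bootcode.bin").write_bytes(b"\x00stub bootcode")   # constructed
        (boot / "start4.elf").write_bytes(b"\x7fELF stub start4")   # constructed
        (boot / "config.txt").write_text("arm_64bit=1\n")            # constructed
        owner_key = os.urandom(32)

        baseline = build_baseline(boot, owner_key)

        # 1. Attacker replaces a boot file; the owner's check catches it.
        (boot / "start4.elf").write_bytes(b"\x7fELF trojaned start4")
        auth1, diff1 = verify(boot, baseline, owner_key)

        # 2. The key was stored on the same card, so the attacker re-baselines
        #    after planting the malware and the check now reports clean.
        stolen_key = owner_key
        rebaselined = build_baseline(boot, stolen_key)
        auth2, diff2 = verify(boot, rebaselined, owner_key)

        # 3. Key kept off the device: the attacker can rewrite the file list to
        #    match his files, but the MAC will not validate against the real key.
        forged_files = hash_tree(boot)
        forged = {"files": forged_files, "mac": _manifest_mac(forged_files, b"attacker guess")}
        auth3, diff3 = verify(boot, forged, owner_key)

        return {
            "tamper_detected": (auth1, diff1),
            "rebaselined_with_stolen_key": (auth2, diff2),
            "rebaselined_without_key": (auth3, diff3),
        }


if __name__ == "__main__":
    for name, (authentic, diffs) in demo().items():
        print(f"{name}: manifest authentic={authentic}, changed={diffs}")
```

The second scenario is the answer's objection in code form: a checksum database that lives on the same SD card as the files it protects, with its key, can be regenerated by whoever holds the card. The third scenario shows the only way such a check keeps any value, which is holding the key (or the baseline itself) somewhere the attacker's physical access does not reach.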