Slashdot videos: Now with more Slashdot!
We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).
Hudson's bootkit takes advantage of a vulnerability in how Apple computers deal with peripheral devices connected over Thunderbolt ports during a firmware update. In these cases, the flash is left unlocked, allowing an Option ROM, or peripheral firmware, to run during recovery mode boots. It then has to slip past Apple's RSA signature check. Apple stores its public key in the boot ROM and signs firmware updates with its private key. The Option ROM over Thunderbolt circumvents this process and writes its own RSA key so that future updates can only be signed by the attacker's key. The attack also disables the loading of further Option ROMs, closing that window of opportunity.
As a smaller and cross-platform subset of the .NET Framework, it will have its own update schedule, updating multiple times a year, while .NET will be updated once a year. At the release of .NET 4.6, Core will be a clear subset of the .NET Framework. With future iterations it will be ahead of the .NET Framework. "The .NET Core platform is a new .NET stack that is optimized for open source development and agile delivery on NuGet. We're working with the Mono community to make it great on Windows, Linux and Mac, and Microsoft will support it on all three platforms."