PCI cards the next haven for rootkits?

PCI cards the next haven for rootkits?

Security researcher John Heasman released a paper this week describing a way to hide malicious code on graphics and network cards in such a way as to avoid detection and survive a full re-installation of the operating system.

The paper (PDF), published on Wednesday, builds on the work presented by Heasman earlier this year, describing ways to use the Advanced Configuration and Power Interface (ACPI) functions available on almost all motherboards to store and run a rootkit that could survive a reboot. The current paper outlines ways to use the expansion memory available on Peripheral Component Interconnect (PCI) cards, such as graphics cards and network cards. [read + links]