A smart UPS needs to have access to some very low level functionality on the machine it’s connected to in order to safely power it off in the event of a power failure. So you’re talking about having at least some root / kernel level access there. It’s not crazy to imagine that a malicious driver update could slip in more.
As another poster commented, I’d like to see this actually simulated to be sure, but it’s not an idea that I’m willing to dismiss out of hand.
All they need is the ability to report battery percentage and send an ahci shutdown command to the OS. This is usually handled by an agent running on the machine, otherwise networked ups’s would be useless
Yes, but in theory a malicious driver could do more. How much more I’m not exactly certain of, but I’m not going to outright dismiss the idea. Like I said, I’d like to see someone prove it in a lab.
That’s actually extremely plausible.
A smart UPS needs to have access to some very low level functionality on the machine it’s connected to in order to safely power it off in the event of a power failure. So you’re talking about having at least some root / kernel level access there. It’s not crazy to imagine that a malicious driver update could slip in more.
As another poster commented, I’d like to see this actually simulated to be sure, but it’s not an idea that I’m willing to dismiss out of hand.
All they need is the ability to report battery percentage and send an ahci shutdown command to the OS. This is usually handled by an agent running on the machine, otherwise networked ups’s would be useless
Yes, but in theory a malicious driver could do more. How much more I’m not exactly certain of, but I’m not going to outright dismiss the idea. Like I said, I’d like to see someone prove it in a lab.