Agree, not a smoking gun until we get more information's, just the fact that it's there the option means literally nothing
PXE first of all it's present on almost all the desktops and many notebooks (the network card should be PXE-Boot enabled or it won't work)
PXE can be configured in thousands way, could have been used for the first imaging of the system (sysprep /aktoolset / etc)
Also, you need a deployment infrastructure (automated or manually) with the various NS/DNS/IPs and endpoint management
Then you would have logs around in different places of what's happening (in case, the packet captures that Mike has should be able to prove it)
Another thing it's the Acronis boot manager was shown (You won't boot normally Acronis via PXE to then boot again in another protocol), it can be local or over the network or from a hidden partition / drive etc (i think, if that's legit, was probably hidden in the 'secure zone' that's a hidden partition Acronis creates), i saw some videos from CZ channel but again, just a quick view of the interface doesn't give any detail / prove anything, we need more details
Source: I'm myself an Enterprise architect with over 15 years of experience in the field
The one thing that did get my attention is he said that the "state" had the BIOS password. Well, in Texas at least, elections are run by each county and the state should have no such access. I'm working and haven't had a chance to watch the video multiple times.
Yep that's another thing, normally (depending on how the whole infrastructure is designed / implemented), you can have two or multiple type of 'password' (access) to the BIOS, standard in professional class notebook and desktops it's a user password and a superuser one, this second that's generally kept by the IT teams, can decide what the other can view, do , etc, and has higher level access (ex can wipe the machine or do other things that the normal user can't do)
Agree, not a smoking gun until we get more information's, just the fact that it's there the option means literally nothing
PXE first of all it's present on almost all the desktops and many notebooks (the network card should be PXE-Boot enabled or it won't work)
PXE can be configured in thousands way, could have been used for the first imaging of the system (sysprep /aktoolset / etc)
Also, you need a deployment infrastructure (automated or manually) with the various NS/DNS/IPs and endpoint management
Then you would have logs around in different places of what's happening (in case, the packet captures that Mike has should be able to prove it)
Another thing it's the Acronis boot manager was shown (You won't boot normally Acronis via PXE to then boot again in another protocol), it can be local or over the network or from a hidden partition / drive etc (i think, if that's legit, was probably hidden in the 'secure zone' that's a hidden partition Acronis creates), i saw some videos from CZ channel but again, just a quick view of the interface doesn't give any detail / prove anything, we need more details
Source: I'm myself an Enterprise architect with over 15 years of experience in the field
The one thing that did get my attention is he said that the "state" had the BIOS password. Well, in Texas at least, elections are run by each county and the state should have no such access. I'm working and haven't had a chance to watch the video multiple times.
Yep that's another thing, normally (depending on how the whole infrastructure is designed / implemented), you can have two or multiple type of 'password' (access) to the BIOS, standard in professional class notebook and desktops it's a user password and a superuser one, this second that's generally kept by the IT teams, can decide what the other can view, do , etc, and has higher level access (ex can wipe the machine or do other things that the normal user can't do)