Detection of off-the-shelf malware is a very hard problem. Conceptually a lost cause.
In the case of CVE-2016-1252 there are no reports of this being used in the wild. So no off-the-shelf malware exploiting CVE-2016-1252 exists.
See this chapter: https://www.whonix.org/wiki/Computer_Security_Education#Malware
Detection of tailored malware is even harder.
Off-the-shelf malware if widespread enough has a chance of being detected by a technical person. It may also happen that tailored malware gets detected by a technical person, but the combination of tailored malware and a technical person looking and being lucky may not happen so often.
As a non-technical person you don’t have great options. Either you can:
- Spend a few years learning the technical skills (knowledge about operating systems, network protocols, packet analyzers, programming, disassembly), then try your luck.
- Pay a lot of money to a very technical person to try to find malware on your system. (Figure out the salary / payment for a security researcher / malware analyst and be ready to pay them for a few months.)
- Be a high value target, have a probable explanation / evidence why you think you are being compromised, and happen to find a very technical person to volunteer finding the malware. Most likely only people who have a strong intrinsic motivation. Like, if Snowden thought he was infected by a hardware virus, he might find someone to look into it and then publicly expose it.
Running everything inside VMs is a very reasonable approach. However, it also only raises the bar, making it more difficult / expensive to compromise the whole system. It’s not a perfect system.
No distribution of Linux [or Xen, or…] like Debian, Qubes, BSD or whatnot can solve the issue of not needing to throw out the hardware. These are issues with hardware so they can only be really fixed at the hardware level. Software levels at best can provide workarounds.
The problem is that there is no hardware that consists entirely of Libre Software, meaning the firmware being Libre Software as well as the hardware itself being Libre Software. Also, analyzing the firmware of hardware, or at least wiping a maybe-compromised version and overwriting it with a most-likely-clean firmware, is much, much harder than it ought to be. (research fun: how to reflash the BIOS without starting the computer [because then the malware would be active and could tamper with that cleaning process]; how to do the same for the firmware of your disk controller; CPU; Intel AMT; what else needs reflashing - That stuff is so difficult that it’s cheaper to buy new hardware.)
State considered harmful - A proposal for a stateless laptop
Stateless computers do not exist, but they would be required in order to not need to throw away the hardware.
Is everyone convinced now that we need stateless Libre Software hardware?