Dynaverse.net
Off Topic => Engineering => Topic started by: Nemesis on April 15, 2006, 10:09:41 pm
-
Link to full article (http://www.theinquirer.net/?article=30924)
A FEATURE in Intel chips designed to prevent the motherboard from self-destructing can be hijacked by crackers.
Cyber boffin Loïc Duflot, who is computer security specialist for the French government’s Secretary General for National Defence information technology laboratory, said that every computer that runs Intel chips is at risk.
Edited original title of thread for accuracy.
-
Its not Intel chips, but all x86 chips... with thermal protection functions including AMD... and its hardly a security hole, if a malicious user already has that much access to your machine you're pretty much screwed.
-
Its not Intel chips, but all x86 chips... with thermal protection functions including AMD... and its hardly a security hole, if a malicious user already has that much access to your machine you're pretty much screwed.
I hesitated about posting that because I knew with recent discussions people might think I was just being anti Intel. Even with looking I have seen nothing yet that indicates this particular flaw extends beyond Intel. Can you provide a link to a source showing the defect extends beyond AMD?
Yes I agree that if a user has physical access to your machine any security can be broken one way or another.
-
... Every computer that runs on x86 chip architecture may be vulnerable to this attack, ...
http://www.fcw.com/article94010-04-10-06-Print
The attack does not work on Windows XP, but Linux 2.6, FreeBSD, NetBSD and OpenBSD are vulnerable.
A generic approach…: Pentium®, P6 (Pentium® IV, Xeon®), Pentium® clones.
http://www.cansecwest.com/slides06/csw06-duflot.ppt
Linked and discussed on slashdot earlier this week:
The exploit requires escalated privileges to begin with. The only thing it can currently be used for is bypassing secure levels inside of OpenBSD, where you already have root.
System management mode is present on all i686-class chips, including AMD. There are a number of ways to enter it, most of which depend on the motherboard - overheating a P4 is just one way.
and my personal favorite:
ALERT!
Pentium based machines are also vulnerable to a denial of service attack from a hacker with physical access to the machine and in the possession of a large axe. Should the attacker be wielding a pair of axes (one in each hand) then the attack would constitute a distributed denial of service.
:D
http://hardware.slashdot.org/comments.pl?sid=182786&threshold=-1&mode=nested&commentsort=0&op=Change
-
Its not Intel chips, but all x86 chips... with thermal protection functions including AMD... and its hardly a security hole, if a malicious user already has that much access to your machine you're pretty much screwed.
Link to a longer version of the FCW article (http://www.fcw.com/article94004-04-07-06-Web)
Some chipsets map the SMRAM in the same location as video RAM, making it vulnerable to exploits used on video RAM, Duflot said. Those same chipsets allow access to SMRAM in Protected Mode if attackers have the right code to modify the computer’s settings, he said.
Now the key thing is to find (if we can) which chipsets contain the flaw.
-
I'd say its not worth the effort.
Whether or not you run an affected OS on an affected processor, simply do not give root or physical access to people you do not trust. Problem solved, this is just common sense.
... and it should go without saying, do not expose your machine to viruses or trojans that would allow unauthorized individuals root privileges.
-
I'd say its not worth the effort.
Whether or not you run an affected OS on an affected processor, simply do not give root or physical access to people you do not trust. Problem solved, this is just common sense.
... and it should go without saying, do not expose your machine to viruses or trojans that would allow unauthorized individuals root privileges.
Never had a computer infected myself (yet anyhow) as I am cautious and my computers are kept locked away from all others.
But I am still curious as to which chipsets are vulnerable. As a deduction it would seem to be those with embedded video, which is dying out. It would also seem to be the X Window server that is the vulnerable point rather than the OS which would make the command line secure.