Bugtraq mailing list archives
Re: Intel Pentium Bug
From: jpp () CYBERSOURCE COM (John Pettitt)
Date: Fri, 7 Nov 1997 20:04:07 -0800
Interesting indeed, trashing the microcode would be somewhat lame, adding a
"give kernel mode now" instruction - that would be art :-)

side note: I'm told one of the early micros (6800????) had a "stop and catch
fire" instruction. An invalid opcode that locked the cpu with all the
internal bus drivers on causing the chip to burn itself out!

-----Original Message-----
From: Eric Allman <eric () SENDMAIL ORG>
To: BUGTRAQ () NETSPACE ORG <BUGTRAQ () NETSPACE ORG>
Date: Friday, November 07, 1997 6:29 PM
Subject: Re: Intel Pentium Bug

This scenario does assume that the instruction sequence that updates
the microcode is accessible when the processor is in user mode.
Of course, it does make an attack that lets you run in kernel mode
rather more interesting....

eric

============= In Reply To: ===========================================
: From: Aleph One <aleph1 () DFW NET>
: Subject: Re: Intel Pentium Bug
: Date: Fri, 7 Nov 1997 19:49:28 -0600

: On Fri, 7 Nov 1997, George Imburgia wrote:
:
: > Intel recently acknowledged that they enabled the ability to update
: > microcode on Pentium chips several years ago. That's right folks, they put
: > a backdoor in your hardware. The good news is, it could be used to fix
: > this bug, should Intel be so inclined.
: >
: > AMD's microcode is updateable too. No clue about cyrix.
:
: This is something I discussed with a friend about two years ago.
: Imagine if you will someone with information on how to download new
: microcode to the CPU. This person has the ability to write a
: virus/trojan/activex/program that can now completely disable your CPU
: in such a way that it would need to be taken out to reinitialize.
: If they fully disable the CPU the end user would program replace every
: single component of the computer before the CPU. This would cost thousands
: of hours of lost work and man power.
:
: Far worse, it could introduce subtle random flaws in for example the login
: or arithmetic processing. How many industries would be affected if hit?
: Or what about microcode backdoors that add your own instructions to
: bypass memory protection? You could write your own program to modify
: your process structure to become owned by root. The possibilities are
: endless.
:
: If Intel were to provide a program to update the microcode on the CPU
: it would most probably be disassembled and reverse engineered quickly.
: What's a multi-billion company to do?
:
: > George Imburgia, Network Specialist Phone: (302)739-4068
: > Delaware Technical & Community College Fax: (302 739-3345
: > Office of the President e-mail: gti () hopi dtcc edu
:
: Aleph One / aleph1 () dfw net
: http://underground.org/
: KeyID 1024/948FD6B5
: Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01