Interesting People mailing list archives
Re: Hardware Viruses?
From: David Farber <dave () farber net>
Date: Fri, 2 May 2008 09:42:18 -0700
________________________________________
From: Andrew C Burnette [acb () acb net]
Sent: Friday, May 02, 2008 9:52 AM
To: David Farber
Cc: Kenneth_Mayer () Dell com
Subject: Re: [IP] Hardware Viruses?

Dave, Ken,

I would say the article is inaccurate in the statement that the hardware vector is more difficult. On the contrary, ten years ago, the external peripherals I connected to my machine were limited to mice, keyboards and perhaps a printer. Even further back, hard drives themselves had no intelligent controllers (the interfaces today are false/logical, and have zero to do with actual drive construction, geometry to simplify the OS interface).

Now the list of peripherals is nearly endless.

Given the ever shifting blur between hardware and software, how is this vector different than Seagate shipping blank hard drives with viruses onboard, or all HD manufacturers shipping normal drives with "hidden" areas that may have been marked as dubious during manufacturing, but could just as easily be used to copy unencrypted data, despite your use of an encryption program on the 'normal' part of the drive?

You may purchase a 250G drive, which was originally manufactured as a 400G drive but had sufficient errors (or not) to warrant programming the drive to 250Gigs of "good" capacity. It works the same way as speed binning in CPU selection. (Yes, there are hooks within several OS's drivers to view/read/use those areas marked off limits by the on-drive controller.)

CPUs and the BIOSes on motherboards are equally suspect, as the majority (recall the picture frame virus? of which the picture frames are still available for sale) we now innocently connect to our computing devices. Do you now trust the AES on-chip CPU implementations, or the TCP offload processing embedded in NIC cards? How about device drivers?
The vectors of hardware compromise are essentially endless, and the wave of consumer/prosumer devices in use has returned us to the days of "sneaker net" delivery of viruses and malware. We're simply dealing with better written code now. added to our 'default allow' rules on every SOHO firewall/NAT box in addition to most corporate firewalls provide a direct outbound route for any and all interesting data harvested by any malware, hardware/microcode or software based.

Regards,
andy burnette

David Farber wrote:
The full paper is fun. djf

________________________________________
From: Kenneth_Mayer () Dell com [Kenneth_Mayer () Dell com]
Sent: Thursday, May 01, 2008 10:11 AM
To: David Farber; rforno () infowarrior org
Subject: Hardware Viruses?

You are concerned about spam and viruses? You ain't seen nothing yet, believe researchers from the University of Illinois at Urbana-Champaign (UIUC): A next phase of more sophisticated viruses may not only exist in software, but may be deeply embedded in hardware, or what the scientists describe as "malicious circuits".

http://www.tgdaily.com/content/view/37206/108/

Thanks,
Ken Mayer Jr., M.B.A.
Server and Network Specialist
Advanced System Group
Dell Inc.,

-------------------------------------------
Archives: http://www.listbox.com/member/archive/247/=now
RSS Feed: http://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com