Vulnerability Development mailing list archives
Re: Modern hw-killing virus feasible
From: Michael Wojcik <Michael.Wojcik () MERANT COM>
Date: Wed, 7 Mar 2001 09:47:31 -0800
From: Ma Gores [mailto:gores () iname com] Sent: Tuesday, March 06, 2001 10:32 PM
I'd like to ask about the possibility of a virus damaging a monitor.... Reading from page 228 of the SuSe book that came with retail 6.4 (US edition)... "Unless you have in-depth knowledge... nothing should be changed in the modelines, since this could cause severe damage to your monitor." Isn't there a *possibility* that someone could change the modelines, via a Linux virus, that would "cause severe damage to your monitor".
In my experience, most monitors these days are pretty good at detecting signals they can't handle. The (potential) monitor-killing attack I've most often heard described was against the original IBM PC Monochrome Monitor, when driven by the IBM Monochrome Monitor and Parallel Printer Adapter. (The following is from memory and details may be wrong.) The logic on the Adapter was a set of commodity parts that could produce both TTL and NTSC composite signals. NTSC composite uses significantly higher voltage than TTL. The Monitor used TTL, in a simple design that coupled the TTL input to the step-up transformer. It was possible to reprogram the Adapter to output at NTSC rather than TTL levels, which produced a much higher output voltage from the transformer and corresponding heat dissipation problems (smoke, flames, etc.). Note the process: a software attack to change an analog output which was used to drive a piece of electrical equipment. It's not unlike having a bomb triggered by a relay wired to the game port, except that in this case the bomb also did something useful before being "detonated". Viruses per se may become more common in Linux, but I suspect they'll always play second fiddle to trojans and worms there. Not that it makes much difference. What's interesting about your query, though, is the idea of changing the modeline directives in the XFree86 configuration. Running without low-level hardware access but with permission to change your X config (if, for example, an amateur sysadmin inadvertently made /etc/X11 world-writable) is a potential niche for malware. While this particular case doesn't seem very likely, it's a reminder that files used by privileged programs are often sensitive themselves. Michael Wojcik michael.wojcik () merant com MERANT Department of English, Miami University
Current thread:
- Re: Modern hw-killing virus feasible, (continued)
- Re: Modern hw-killing virus feasible Ma Gores (Mar 06)
- Re: Modern hw-killing virus feasible Nick (Mar 07)
- Re: Modern hw-killing virus feasible Ben Ford (Mar 07)
- Re: Modern hw-killing virus feasible Titanas (Mar 08)
- Re: Modern hw-killing virus feasible Lucien Fransman (Mar 08)
- Re: Modern hw-killing virus feasible Ian Kayne (Mar 07)
- SV: Modern hw-killing virus feasible Christian Wettergren (privat) (Mar 08)
- Re: SV: Modern hw-killing virus feasible Lynn Crumbling (Mar 09)
- Re: SV: Modern hw-killing virus feasible Bruno Lustosa (Mar 09)
- SV: Modern hw-killing virus feasible Christian Wettergren (privat) (Mar 08)
- Re: Modern hw-killing virus feasible Ma Gores (Mar 06)
- Re: Modern hw-killing virus feasible Ashworth, Robert C. [Contractor] (Mar 07)
- Re: Modern hw-killing virus feasible Michael Wojcik (Mar 07)
- Re: Modern hw-killing virus feasible Robert Sandilands (Mar 07)
- Re: Modern hw-killing virus feasible Peter Tonoli (Mar 08)
- Re: Modern hw-killing virus feasible Syzop (Mar 08)
- Re: Modern hw-killing virus feasible Ian Kayne (Mar 08)
- Re: Modern hw-killing virus feasible Matt Bell (Mar 08)
- FW: Modern hw-killing virus feasible Russell Munday (Mar 08)
- Re: Modern hw-killing virus feasible Jason Brvenik (Mar 08)
- Fw: Modern hw-killing virus feasible Cilice Cracker (Mar 09)
- Fw: Modern hw-killing virus feasible Cilice Cracker (Mar 09)