Re: Modern hw-killing virus feasible

[A T <terrible-list () runbox com>]

A more direct actual effect of Hardware damage by software was the Takedown
preformed by Direct TV before the super bowl this year.  By making their
chips write once, they made it possible to disable the illegal smart cards.
The only fix is to physically change the configuration of the smart cards.

See..
http://slashdot.org/articles/01/01/25/1343218.shtml




-----Original Message-----
From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of Mike
A. Harris
Sent: Wednesday, March 07, 2001 2:37 AM
To: VULN-DEV () SECURITYFOCUS COM
Subject: Re: Modern hw-killing virus feasible


On Tue, 6 Mar 2001, Ma Gores wrote:

> Quoting from someone, somewhere, else...
>
> "cih erased the software stored on the chip... it should be obvious from
> that that it is software damage, not hardware damage...
>
> > But its damage is just as bad"
>
>
> Semantics, maybe.

A dead motherboard that has had it's BIOS wiped out by a virus,
is a dead motherboard.  The cost of repairing this problem is
significant enough to most people that it would basically mean
purchasing a new motherboard.  In other words, the "problem"
caused, has a pricetag associated with it.  While no physical
damage is done, and the BIOS could certainly be replaced, the
cost factors basically equivilate that the hardware is destroyed
for all practical purposes for 99% of the general case.

Joe average does not have the knowhow, nor the EPROM burner in
his desk drawer to fix the problem.  Hell, the computer store
probably couldn't help him much either.

*I* know how to fix such problems, but if I had my BIOS flashed,
for all intents and purposes, I would be buying a new board too
most likely because I don't have ready steady access to a EPROM
flasher, not to mention the time and effort involved in trying to
track down a copy of a rom - and thus time == money, yada yada.

When it comes to useless broken hardware, who really cares about
the semantics used.  That might win bonus points among peers
by making the distinction, but it is meaningless in the real
world.


----------------------------------------------------------------------
    Mike A. Harris  -  Linux advocate  -  Free Software advocate
          This message is copyright 2001, all rights reserved.
  Views expressed are my own, not necessarily shared by my employer.
----------------------------------------------------------------------
And the lord spake, saying, "First shalt thou write thy holy
code. Indenting shalt thou count to three, no more, no less.
Three shalt be the spaces thou shalt count, and the number of the
counting shalt be three.  Four shalt thou not count, nor count
thou two, excepting that thou then proceedeth to three. Eight is
right out.  Once the number three, being the third number be
reached, shalt thou move towards indenting thy next line ..