Re: WARNING: Serious Pentium Bug
Anonymous <anon@anon.efga.org> wrote:
> There is a SERIOUS bug in all pentium CPUs. The following code will crash any machine running on a pentium CPU, MMX or no MMX, any speed, regardless of OS (crash as in instant seize, hard reboot the only cure):
> char x [5] = { 0xf0, 0x0f, 0xc7, 0xc8 };
> main () { void (*f)() = x; f(); }
> This requires no special permissions to run, it works fine with average-joe-userspace permissions. I have verified this, it works. Demand a new CPU from Intel.
This didn't crash my Pentium. Hoax?
On Sat, 8 Nov 1997, Neva Remailer wrote: [snip]
> This didn't crash my Pentium. Hoax?
I wish. It drops the P120 I tested it on like a rock, when executed from a normal user account in Linux. This does not crash the PPro or PII -- my PII just dumps core. There's been an article on this at CNet, for one, and a lot of discussion on Bugtraq and comp.sys.intel. If this is a hoax, a lot of pretty smart people have been fished in.
Rich
---
Rich Burroughs rich@paranoid.org
PGP Key Fingerprint = 22 BA C5 D7 2C 34 BF 8E B5 82 2E 13 46 38 AA 1D
Cracking RC5-64 for Kevin Mitnick http://www.paranoid.org/mitnick/
At 06:00 PM 11/9/97 -0800, Vladimir Z. Nuri wrote:
> there are new schemes in the works by which Intel etc. are trying to deal with this, including a remarkable scheme in which new microcode can be downloaded to the chip. it also involves encryption in which one needs to know the encryption mechanism for the chip to accept the new instructions. apparently it's done in such a way that no one except those who know the encryption can successfully alter the chip.
Of course, this means that your least favorite TLA can introduce whatever "features" they desire on your machine if they can install a Trojan horse or virus on it...any security through obscurity scheme should be assumed to be known by the government.
Jonathan Wienke
PGP Key Fingerprints: 7484 2FB7 7588 ACD1 3A8F 778A 7407 2928 3312 6597 8258 9A9E D9FA 4878 C245 D245 EAA7 0DCC
"If ye love wealth greater than liberty, the tranquility of servitude greater than the animating contest for freedom, go home from us in peace. We seek not your counsel, nor your arms. Crouch down and lick the hand that feeds you. May your chains set lightly upon you; and may posterity forget that ye were our countrymen." -- Samuel Adams
"Stupidity is the one arena of human achievement where most people fulfill their potential." -- Jonathan Wienke
RSA export-o-matic: print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
I've been having a brief discussion with someone on this list about the pentium flaws. for those of you who don't know, there's actually a minor crisis brewing in chip design. Intel probably tests their chips more rigorously than just about anybody. the crisis is that because of the enormous increasing complexity of individual chips, it's becoming statistically impossible to completely test them. that is, as much as people want to curse Intel for their bugs, it's actually the case that they've been ahead of the curve as much as possible in testing. there are new schemes in the works by which Intel etc. are trying to deal with this, including a remarkable scheme in which new microcode can be downloaded to the chip. it also involves encryption in which one needs to know the encryption mechanism for the chip to accept the new instructions. apparently it's done in such a way that no one except those who know the encryption can successfully alter the chip. but this does raise a lot of cypherpunk issues such as about reverse engineering etc.
> > This requires no special permissions to run, it works fine with average-joe-userspace permissions. I have verified this, it works. Demand a new CPU from Intel.
> This didn't crash my Pentium. Hoax?
No way, this P200 croaked instantly the code was run, in the wrong hands this has serious network takedown potential.
--
Paul Bradley paul@fatmans.demon.co.uk
"Why should anyone want to live on rails?" - Stephen Fry
"Paul Bradley" <csm70830@port.ac.uk> wrote:
> > > This requires no special permissions to run, it works fine with average-joe-userspace permissions. I have verified this, it works. Demand a new CPU from Intel.
> > This didn't crash my Pentium. Hoax?
> No way, this P200 croaked instantly the code was run, in the wrong hands this has serious network takedown potential.
The bug is a race condition in the L1 cache, so it doesn't always crash when executing this, just sometimes. It depends on what's in the cache.
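An added example, not part of any message in this thread: the four bytes in the original post are a LOCK prefix (F0) followed by CMPXCHG8B (0F C7 /1) whose ModRM byte names a register instead of the memory operand the instruction requires, an invalid encoding that a CPU is supposed to reject with an illegal-instruction fault, as the PII core dump reported above shows. The C scanner below flags that encoding in a byte buffer, for instance when screening binaries before they reach an affected host; the function names, the prefix skipping and the sample buffer are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
/* Constructed sample: post's bytes at 1, valid memory form at 6, prefixed form at 10. */
static const unsigned char SAMPLE[] = {
    0x90, 0xF0, 0x0F, 0xC7, 0xC8, 0x90, 0xF0, 0x0F, 0xC7, 0x0E,
    0xF0, 0x2E, 0x0F, 0xC7, 0xCF, 0xF0, 0x0F, 0xC7
};

/* Legacy prefixes skipped between LOCK and the opcode (assumption: may over-match). */
static int is_prefix(unsigned char b)
{
    static const unsigned char P[] = { 0x26, 0x2E, 0x36, 0x3E, 0x64, 0x65,
                                       0x66, 0x67, 0xF0, 0xF2, 0xF3 };
    return memchr(P, b, sizeof P) != NULL;
}

/* Length of LOCK + CMPXCHG8B (0F C7 /1) with a register ModRM (mod == 3) at buf[i], else 0. */
size_t match_f00f(const unsigned char *buf, size_t len, size_t i)
{
    size_t j = i + 1;
    if (i >= len || buf[i] != 0xF0)
        return 0;
    while (j < len && is_prefix(buf[j]))
        j++;
    if (len - j < 3 || buf[j] != 0x0F || buf[j + 1] != 0xC7)
        return 0;
    unsigned char modrm = buf[j + 2];
    return ((modrm >> 6) == 3 && ((modrm >> 3) & 7) == 1) ? j + 3 - i : 0;
}

/* Stores up to max match offsets in hits; returns the total number of matches. */
size_t scan_f00f(const unsigned char *buf, size_t len, size_t *hits, size_t max)
{
    size_t n = 0, m;
    for (size_t i = 0; i < len; i += m ? m : 1) {
        if ((m = match_f00f(buf, len, i)) != 0 && n < max)
            hits[n] = i;
        n += (m != 0);
    }
    return n;
}

int main(void)
{
    size_t hits[8], n = scan_f00f(SAMPLE, sizeof SAMPLE, hits, 8);
    for (size_t k = 0; k < n && k < 8; k++)
        printf("suspect encoding at offset %zu\n", hits[k]);
    return 0;
}
```

A raw byte scan like this also flags data that merely resembles the encoding, so a hit is a reason to inspect the file rather than proof of intent.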
participants (6)
- Jonathan Wienke
- nobody@neva.org
- nobody@REPLAY.COM
- Paul Bradley
- Rich Burroughs
- Vladimir Z. Nuri