Re: trusting the processor chip
cwe@it.kth.se (Christian Wettergren) writes:
Take a look at the IEEE Symp on Security and Privacy Proceedings from 1995, I believe it was. There was a paper there about security bugs in the Intel processors, enumerating a number of them in 80386 for example. There where at least one or two byte sequences that plainly stopped the processor.
Yes, and this is where the real risks are. The original question was entirely about explicit subversion. The larger risk is accidental flaws. Same with software in most cases. Rick. smith@sctc.com secure computing corporation
Ross Anderson's "Programing Satans Computer" springs to mind. www.cl.cam.ac.uk/users/rja14/ Ross' papers are up there on my list of very worthwhile reading. Adam Rick Smith wrote: | | | cwe@it.kth.se (Christian Wettergren) writes: | | >Take a look at the IEEE Symp on Security and Privacy Proceedings from | >1995, I believe it was. There was a paper there about security bugs in | >the Intel processors, enumerating a number of them in 80386 for example. | >There where at least one or two byte sequences that plainly stopped | >the processor. | | Yes, and this is where the real risks are. The original question was | entirely about explicit subversion. The larger risk is accidental | flaws. Same with software in most cases. | | Rick. | smith@sctc.com secure computing corporation | -- "It is seldom that liberty of any kind is lost all at once." -Hume
participants (2)
-
Adam Shostack -
Rick Smith