Related papers by Arrigo Triulzi @cynicalsecurity
posted to
Twitter
today in response to this thread:
Project Maux Mk.II (2008)
http://t.co/h1gDtV4Vlr
The Jedi Packet Trick takes over the Deathstar (2010)
http://t.co/ENlITkJEoX
Project Booshoo or the Emporer's Modified Mind (2011)
https://t.co/33trlpJkFG
-----
At 03:36 AM 2/13/2014, Bill Stewart wrote:
At 06:42 PM 2/12/2014, Peter
Gutmann wrote:
>
http://www.livehacking.com/tag/network-card-backdoor/
>
>Proof of concept was been proven in 2010. Practical application
is probably
>being done by now. Somebody is asleep behind the wheel if it is
not.
It was demonstrated well before then, Arrigo Triulzi had demonstrated
running
an SSH server inside a NIC several years earlier.
Back in the mid-80s I ran a secure computer center (with a huge VAX
11/780 :-)
and the Army/DoD/NIST rules for secure computers needed to know who wrote
the
channel programs that the computer was using. Channels were a
mainframe thing,
which predated the VAX; the closest equivalent we had was a KMC11
processor
that sat in the Unibus and handled interrupts and cooked-mode input for
the serial cards.
So yes, proofs of concept have been around for a while :-)