Trust no one: backdoored CPUs
J.A. Terranson
measl at mfn.org
Sun Aug 15 19:18:21 PDT 2004
On Sun, 15 Aug 2004, Major Variola (ret) wrote:
> We worried about compromized OSes, BIOSes, read last week about
> a PNG library bug that lets images run buffer exploits, now CPUs
> can be backdoored:
>
>
> >From Scheier's Crypto-gram:
>
> Here's an interesting hardware security vulnerability. Turns out that
> it's possible to update the AMD K8 processor (Athlon64 or Opteron)
> microcode. And, get this, there's no authentication check. So it's
> possible that an attacker who has access to a machine can backdoor the
> CPU.
> <http://www.realworldtech.com/forums/index.cfm?action=detail&PostNum=252
>
> 7&Thread=1&entryID=35446&roomID=11> or <http://tinyurl.com/43kod>
Old news. The ability to update CPU microcode has been around (publicly)
since the Pentium Pro. I have no proof (other than vague memories), but I
believe this was around even earlier on some of the more archaic CPU lines
in the middle 80's.
--
Yours,
J.A. Terranson
sysadmin at mfn.org
0xBD4A95BF
"...justice is a duty towards those whom you love and those whom you do
not. And people's rights will not be harmed if the opponent speaks out
about them." Osama Bin Laden
- - -
"There aught to be limits to freedom!" George Bush
- - -
Which one scares you more?
More information about the cypherpunks-legacy
mailing list