Trust no one: backdoored CPUs

J.A. Terranson measl at
Sun Aug 15 19:18:21 PDT 2004

On Sun, 15 Aug 2004, Major Variola (ret) wrote:

> We worried about compromized OSes, BIOSes, read last week about
> a PNG library bug that lets images run buffer exploits, now CPUs
> can be backdoored:
> >From Scheier's Crypto-gram:
> Here's an interesting hardware security vulnerability.  Turns out that
> it's possible to update the AMD K8 processor (Athlon64 or Opteron)
> microcode.  And, get this, there's no authentication check.  So it's
> possible that an attacker who has access to a machine can backdoor the
> CPU.
> <
> 7&Thread=1&entryID=35446&roomID=11> or <>

Old news.  The ability to update CPU microcode has been around (publicly)
since the Pentium Pro.  I have no proof (other than vague memories), but I
believe this was around even earlier on some of the more archaic CPU lines
in the middle 80's.


J.A. Terranson
sysadmin at

  "...justice is a duty towards those whom you love and those whom you do
  not.  And people's rights will not be harmed if the opponent speaks out
  about them."      Osama Bin Laden
	- - -

  "There aught to be limits to freedom!"    George Bush
	- - -

Which one scares you more?

More information about the cypherpunks-legacy mailing list