Puppy Linux Discussion Forum
Was told malicious code can be written to Processor.
8-bit


Joined: 03 Apr 2007
Posts: 3398
Location: Oregon

Posted: Thu 09 Sep 2010, 02:57
Post subject: Was told malicious code can be written to Processor.
Subject description: Geek Squad employee said this.

I was having a conversation with a Geek Squad guy in a Best Buy store and was telling him I could run Linux from a computer with no hard drive and that I had run Linux for 5+ years with no virus detection software and had never caught anything.
I said that with everything in ram, that malicious software had no place to go on shutdown.
He stated that malicious code could be written to the processor and passed on from it.
I think he was feeding me a line and seeing if I would bite.
What do you think?
Is it possible for malicious code to be written to the processor cache and be able to infect a storage device on reboot?
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15122
Location: Paradox Realm

Posted: Thu 09 Sep 2010, 03:48

Oh - my 'paranoia for beginners' compatriots will be delighted with this possibility to sweat over.

BIOS can be written to and onboard CPU cache probably still lasts about 30 seconds without power - maybe it can survive longer on the trickle charge of modern ATX power supplies?

I have never heard of such endeavours, though I believe there were efforts (perhaps successful) of some security agencies to tamper with BIOS code, to keep themselves in the loop.

If this was a likely scenario, some company would write the proof of concept and then protect from the threat they had created. Does Best Buy have a product that protects against this processor writing code?

No?
When will it be available?

Come to that when will the CPU writing code be available on the Black Hat circuit?
Tin Hats need to know.

_________________
Puppy WIKI
jamesbond

Joined: 26 Feb 2007
Posts: 2232
Location: The Blue Marble

Posted: Thu 09 Sep 2010, 04:19

As Lobster said. Theoretically, possible.

BIOS (both system BIOS and PCI BIOS) can be re-flashed.
CPU microcode can be updated.

Probabilistically? I wager it's very small, only because the cost/benefit ratio is very high.

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread
cthisbear

Joined: 29 Jan 2006
Posts: 3469
Location: Sydney Australia

Posted: Thu 09 Sep 2010, 07:57

Ex-Geek Squad Agent Tells The Truth!

http://geeks.pirillo.com/forum/topics/exgeek-squad-agent-tells-the

Chris.
puppyluvr


Joined: 06 Jan 2008
Posts: 3229
Location: Chickasha Oklahoma

Posted: Thu 09 Sep 2010, 08:44

:D Hello,
Quote:
Ex-Geek Squad Agent Tells The Truth!

LOL, about what I figured... And not just them, i.e. BestBuy and Geeksquad, but most of the MS-based "Techies" at retail outlets everywhere...
Fear and intimidation reign supreme...
TG for Linux...

_________________
Close the Windows, and open your eyes, to a whole new world
http://puppylinuxstuff.meownplanet.net/puppyluvr/
Puppy Linux Users Group on Facebook

Puppy since 2.15CE...
SirDuncan


Joined: 09 Dec 2006
Posts: 836
Location: Ohio, USA

Posted: Thu 09 Sep 2010, 13:21

What the Geek Squad guy said was a straight up lie. You cannot write anything to the processor. It has no permanent storage to write to. The CPU cache is basically just very expensive, very limited capacity, very fast RAM. Lobster points out that it could still be read from for a few seconds after power off, but when the CPU boots up it doesn't go looking in the cache thinking that there will be instructions from God on the non-persistent memory. It assumes that that cache is empty. All the bits in the cache are marked as empty. It doesn't matter if it is a 0 or 1 if the CPU has it marked as empty.

The BIOS virii, on the other hand, are a very real danger. They are very hard to detect and purge and they don't depend on the OS. Fortunately, they are very uncommon in the modern era. They saw some popularity during the heyday of the floppy, but all of that architecture specific coding and space constraints (the BIOS isn't very big) made normal virii a more cost/time efficient choice. BIOS virii are also harder to get installed since you basically flash the BIOS to "upgrade" it to the infected version.

In short, no you cannot get your CPU infected any more than you can get your rotary phone infected, and the Geek Squad guy deserves a frying pan upside the head for being a manipulative liar.

_________________
Be brave that God may help thee, speak the truth even if it leads to death, and safeguard the helpless. - A knight's oath
Perkins

Joined: 25 Sep 2005
Posts: 62

Posted: Thu 09 Sep 2010, 14:18

I am mildly curious about why a Linux user was wasting his time talking to Geek Squad... In my experience they are generally a bunch of high school graduates with a "How to do X on Microsoft Windows" checklist.
postfs1


Joined: 27 Mar 2010
Posts: 831

Posted: Thu 09 Sep 2010, 15:23

"article and comments, Apr 16 2008"
_________________
  • I don't know why laboratories are named a hospitals.
  • The alive personage is like a tea bag with granules of unknown density inside, at that one the packet was made of organic material and was placed in the evaporated liquid or liquid.

Perkins

Joined: 25 Sep 2005
Posts: 62

Posted: Thu 09 Sep 2010, 15:41

Ah yes. Hardware backdoors always trump software security. ;)
8-bit


Joined: 03 Apr 2007
Posts: 3398
Location: Oregon

Posted: Thu 09 Sep 2010, 16:14

Perkins wrote:
I am mildly curious about why a Linux user was wasting his time talking to Geek Squad... In my experience they are generally a bunch of high school graduates with a "How to do X on Microsoft Windows" checklist.

Since I am the one who started this topic, I just wanted to show that a lot of misinformation is used to sell a product or service by some.
And those customers that do not know jack about their computers fall for the lies that are used to sell said service.

I personally have Windows Vista on my PC on the factory installed hard drive.
I added another hard drive and boot to it with Easy BCD.
That second drive has Puppy installed on it and to give you an idea of how often I boot to Vista, it always complains that the AVG antivirus needs updating and Windows and other updates need to be done.

So I run Puppy, various versions, on a Linux partition on the second drive secure in the fact that I feel more secure with it than I do with Windows.
Aitch


Joined: 04 Apr 2007
Posts: 6825
Location: Chatham, Kent, UK

Posted: Thu 09 Sep 2010, 19:02

8 bit

Try this ;)

http://www.murga-linux.com/puppy/viewtopic.php?t=59738

Aitch :)
8-bit


Joined: 03 Apr 2007
Posts: 3398
Location: Oregon

Posted: Thu 09 Sep 2010, 23:33

Aitch,
Just by looking at the contents of the linked viruskiller file after downloading, I can tell it is a game.
I mention this just in case someone else assumed it was a virus protection program.

I still have a batch to exe utility for DOS that converts a DOS batch file to an exe file.
In my early days of Win95, I accidentally erased my Windows directory and had to reinstall Win95 as I was too dumb at the time to figure out how to recover otherwise.
I also learned that reformatting a drive did not erase data.
I could still access the data on the drive with a sector editor.
Also, in my early days with an Atari home computer, in the days of BBSes, I willingly gave control of my PC to a friend that was writing a BBS program that would allow him to take control of a remote PC.
SirDuncan


Joined: 09 Dec 2006
Posts: 836
Location: Ohio, USA

Posted: Fri 10 Sep 2010, 00:36

postfs1 wrote:
"article and comments, Apr 16 2008"

That article doesn't make sense. First it says the processor is hacked by special firmware, then it says that the trick was to alter the logic gates (hardware). The rest of the article seems to indicate that the hack is not an infection but a physically modified chip. That would mean that you cannot "infect" a chip. It means that you must physically replace the processor with one designed to allow the attack. That's like saying if you let me install your lock that I could key it to allow a special master key to allow me to get in.

If you have physical access to install your hacked chip, you could just install a normal virus or steal anything already on the HD. The only way this is a viable problem is if you are a government buying chips from a foreign company (i.e.: US DOD buying chips from China).

At least that's my "it's-too-late-at-night" reading of the article.

puppyluvr


Joined: 06 Jan 2008
Posts: 3229
Location: Chickasha Oklahoma

Posted: Fri 10 Sep 2010, 02:43

:D
"Um, excuse, can I physically alter 1300 of the gates in your processor??
Let me get my microscope.."

However, a third party vendor, like the aforementioned GeekSquad guy, could pull a cpu swap... :twisted:

jamesbond

Joined: 26 Feb 2007
Posts: 2232
Location: The Blue Marble

Posted: Fri 10 Sep 2010, 06:05

Everything is possible if you're willing to spend enough dough - CPU disassembly anyone? (no, not code disassembly - this is CPU disassembly) http://www.flylogic.net/blog/. Have fun :twisted:

But again, the question is, why bother? It's much easier (and more effective) to send emails containing some cute Kungfu Panda screensaver loaded with virus rather than doing this hardcore hacking stuff ...

Unless the payoff is also very great, of course.
