Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Intel Pentium Bug

From: aleph1 () DFW NET (Aleph One)
Date: Fri, 7 Nov 1997 19:49:28 -0600

On Fri, 7 Nov 1997, George Imburgia wrote:


Intel recently acknowledged that they enabled the ability to update
microcode on Pentium chips several years ago. That's right folks, they put
a backdoor in your hardware. The good news is, it could be used to fix
this bug, should Intel be so inclined.

AMD's microcode is updateable too. No clue about cyrix.


This is something I discussed with a friend about two years ago.
Imagine if you will someone with information on how to download new
microcode to the CPU. This person has the availity to write a
virus/trojan/activex/program that can now compleatly disable your CPU
in such a way that it would need to be taken out to reinitialize.
If they fully disable the CPU the end user would program replace every
single component of the computer before the CPU. This would cost thousands
of hours of lost work and man power.

Far worse, it could introduse subtle random flaws in for example the login
or artihmetic processing. How may industries would be affected if hit?
Or what about microcode backdoors that add your own instructions to
bypass memory protection? You could write your own program to modify
your process structure to become owned by root. The possibilities are
endless.

If Intel where to provide a program to update the microcode on the CPU
it would most probably be disassembled and reverse engineered quickly.
Whats a multi-billion company to do?C


George Imburgia, Network Specialist             Phone:  (302)739-4068
Delaware Technical & Community College          Fax:    (302 739-3345
Office of the President                         e-mail: gti () hopi dtcc edu


Aleph One / aleph1 () dfw net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01
Previous By Date Next
Previous By Thread Next

Current thread: