funsec mailing list archives

Re: the end is nigh, smm exploit, rootkits, etc. all that fun

From: der Mouse <mouse () rodents-montreal org>
Date: Wed, 18 Mar 2009 21:15:58 -0400 (EDT)

This is the scariest, stealthiest, and most dangerous rootkit I've
seen come around since the legendary Blue Pill [...]
This is serious and represents a massive new security threat for us all.


Well, all who insist on using CPUs with that sort of
bug-waiting-to-happen in them.

I'm glad to see this, though; it means that legitimate users of such
CPUs can access a layer of their hardware that it sounds as though they
mostly haven't been able to up to now.  (I didn't know this "system
management mode" even existed before this.)

I wish I had the leisure to sit down and figure out enough of this to
make a conventional OS run using that as its privileged mode, or at
least hook into it - using this bug if necessary.

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                mouse () rodents-montreal org
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

the end is nigh, smm exploit, rootkits, etc. all that fun Alex Eckelberry (Mar 18)
- Re: the end is nigh, smm exploit, rootkits, etc. all that fun Gadi Evron (Mar 18)
  - Re: the end is nigh, smm exploit, rootkits, etc. all that fun Rob, grandpa of Ryan, Trevor, Devon & Hannah (Mar 19)
- Re: the end is nigh, smm exploit, rootkits, etc. all that fun der Mouse (Mar 18)
- Re: the end is nigh, smm exploit, rootkits, etc. all that fun Bryon Roche (Mar 20)
  - Re: the end is nigh, smm exploit, rootkits, etc. all that fun Larry Seltzer (Mar 20)