Re: Something Not Right!



Hopefully, most people will realize that data in these microprocessors must be "hard coded." In other words, it is simply not possible to write code to these processors and have it reside on the computer chip. It might be possible to write code that would intercept commands from something like a CPU and alter it, but that sort of thing would be picked up by any good antivirus program.

I suppose that a rogue engineer could plug some weird code into a processor at the factory, but I am not sure how possible that is. I have always wondered how secure the microprocessors on a motherboard are when these motherboards are manufactured at a location other than one's country of origin. For instance, could someone hide code in a microprocessor that would execute in the event of a war between two countries? Such code could then serve as an executable that would remotely send data to some server or something. That is something that might be interesting to ponder.


"Shenan Stanley" <newshelper@xxxxxxxxx> wrote in message news:OIETqoBQIHA.4880@xxxxxxxxxxxxxxxxxxxxxxx
NJITGS wrote:
Anti virus scanners that scan software are one thing, but what
about viruses that are flashed into the soft memory or other micro
chips within a computer and hibernate there and execute at any time
when the system is rebooted?
Antiviral programs and malware removal programs only scan the
physical hard drive and sometimes (if you have a good malware removal
tool) deep scan the RAM memory for malicious software. What
happens when other memory modules become infected and launch at
system startup?
Something to ponder for the holidays...

Season's Best!

Elaine Beauxrauxgard-Weiderhoff

<snipped>
Entire Thread:
http://groups.google.com/group/microsoft.public.security/browse_frm/thread/cb7ed7fd1f898890/194771d086c21aba?lnk=st&q=author%3ANJITGS#194771d086c21aba

More postings from NJITGS (Elaine Beauxrauxgard-Weiderhoff):
http://groups.google.com/groups/profile?enc_user=yjA7SxIAAACDeS_QIAaljlZaaFC4fwozpbyajUBv9M9XLUB2gqkZmQ



NJITGS wrote:
I'll give the readers of this thread the right to draw their own
conclusions and opinion about my theory. Thank you...

I have to agree with Paul Adare on this one.

What you are describing is just non-existent. Most antivirus applications (and the OS for that matter) would prevent such infections from occurring... You do not have the hardware access necessary without warning to do what you are describing and most antivirus software will catch things trying to 'reside in memory' simply because they have to be READ into that memory in the first place - thus being scanned in the process.

The weakest factor in computer security is human beings.

At one point you described, "... someone in ... AOL or MSN chat be able to send a boot code to a computer that reboots it and flashes a virus into its soft memory" <- without describing what 'soft memory' was or without pointing out that the person on the receiving end would need a badly configured client or bad judgment in accepting and automatically executing whatever was sent to them by someone they supposedly trusted enough to have on their IM lists.

The flashing of hardware devices is not something that can be 'just done' - not to mention that the number of variables involved (different computer specs, etc.) would make such a tool impractical EXCEPT in an attack against a SPECIFIC single target. If I know you, know your computer system and know your habits/idiosyncrasies - then maybe I could pull off something like you describe - on you and a specific computer of yours. It would have to be a conspiracy against *you* by someone you knew (or someone who has been quietly collecting a lot of information on you and your stuff for some time in order to know exactly what/how to do it so it would work.)

In other words - this is just one conspiracy theory that is just unlikely to happen to any given person on the street.

--
Shenan Stanley
MS-MVP
--
How To Ask Questions The Smart Way
http://www.catb.org/~esr/faqs/smart-questions.html

