Re: A quote from Crypto-Gram
From: Jeff Williams (frostback_at_canada.com)
Date: 08/17/04
- Next message: Huhu: "Re: Collision in SHA-0"
- Previous message: Mok-Kong Shen: "Re: A quote from Crypto-Gram"
- In reply to: Mok-Kong Shen: "Re: A quote from Crypto-Gram"
- Next in thread: Mok-Kong Shen: "Re: A quote from Crypto-Gram"
- Reply: Mok-Kong Shen: "Re: A quote from Crypto-Gram"
- Reply: Anne & Lynn Wheeler: "Re: A quote from Crypto-Gram"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 17 Aug 2004 08:21:53 -0500
Mok-Kong Shen wrote:
>
>
> Jeff Williams wrote:
>
>> Mok-Kong Shen wrote:
>
> [snip]
>
>>> Wouldn't that also mean that persons who purchase a machine aren't
>>> sure of being bugged?
>>
>>
>> Conceivably, yes.
>>
>> Having written a TINY, TINY, TINY bit of microcode, let me point out
>> that doing it well is quite difficult. Getting the relevant
>> documentation OUGHT to be very difficult. Therefore such an attack is
>> PROBABLY the domain of the talented and well-funded (i.e. major
>> corporation or government).
>
>
> I think that in the earlier generations of computers, say
> in the seventies of the last century, it was common to have
> microcodes modifiable by (expert) users. (Anyway, I remember
> to have had a colleague who spent quite some time learning
> microcode.) Could some knowledgeable person say something
> on that?
Back in the 70s and 80s, some computers (not so much micros as
mainframes, minis, and special purpose machines) had the microcode in
ROM, so microcode was modifiable. Note that it was a serious, hands-on
process. Modifications were typically done by the designers/maintainers
of the machines, not the users (having been both a designer and a user,
I distinguish between the two terms).
When I was in university (early 80s), I heard of machines (at Xerox
PARC, IIRC) that had downloadable microcode for the purpose of modifying
the instruction set on the fly. Never saw such machines - just heard
about them from my profs.
>
>> That said, I'll probably look twice at buying any more AMD products.
>
>
> On the other hand, that at least provides a way to correct
> design errors without throwing away the hardware. (Intel,
> for example, had a couple of time made such errors, if I
> don't err.)
Exactly why I'll look twice at buying more AMD products. IFF microcode
can only be updated under my control, the ability to install updates
might well be an excellent feature. If, however, it can be done outside
my control, it is not, IMHO, an excellent feature.
Jeff
- Next message: Huhu: "Re: Collision in SHA-0"
- Previous message: Mok-Kong Shen: "Re: A quote from Crypto-Gram"
- In reply to: Mok-Kong Shen: "Re: A quote from Crypto-Gram"
- Next in thread: Mok-Kong Shen: "Re: A quote from Crypto-Gram"
- Reply: Mok-Kong Shen: "Re: A quote from Crypto-Gram"
- Reply: Anne & Lynn Wheeler: "Re: A quote from Crypto-Gram"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
