jm + x86   2

Hacker Finds Hidden 'God Mode' on Old VIA C3 x86 CPUs
Domas discovered the backdoor, which exists on VIA C3 Nehemiah chips made in 2003, by combing through filed patents. He found one — US8341419 — that mentioned jumping from ring 3 to ring 0 and protecting the machine from exploits of model-specific registers (MSRs), manufacturer-created commands that are often limited to certain chipsets.

Domas followed the "trail of breadcrumbs," as he put it, from one patent to another and figured out that certain VIA chipsets were covered by the patents. Then he collected many old VIA C3 machines and spent weeks fuzzing code.

He even built a testing rig consisting of seven Nehemiah-based thin clients hooked up to a power relay that would power-cycle the machines every couple of minutes, because his fuzzing attempts would usually crash the systems. After three weeks, he had 15 GB of log data — and the instructions to flip on the backdoor in the hidden RISC chip.

(via Nelson)
cpu  via  x86  fuzzing  security  nehemiah  via:nelson 
august 2018 by jm
Javascript PC Emulator
truly incredible -- quite fast (about 386 speeds) under Chrome, even! from the HN comments: 'I just forkbombed my browser. Nothing is sacred anymore.' more comments at http://news.ycombinator.com/item?id=2555349
browser  javascript  linux  emulation  fabrice-bellard  hacks  amazing  cool  google-chrome  x86 
may 2011 by jm

Copy this bookmark:



description:


tags: