
I should also point out that there is great concern right now over hardware viruses. We (the United States) have been concerned about this for quite
a while since we opened our first Intel fab plant in China. It is not hard in this day and age to program a computer to "phone home" (have a
built-in trojan) in hardware. And Intel is of course a GSO provider. In fact, the concern is that some of these chips (if their design is altered to
insert a trojan) will find their way into sensitive areas, such as the Pentagon, the National Laboratories, and other Federal Government agencies.
This is fundamentally a problem of opaqueness in the supply chain for the computer that sits on your desk or powers whatever is on your desk. I think
I even saw a Popular Science or Popular Mechanics article intimating the same thing... let me see if I can find it...
Popular Mechanics Article on This Threat...
When a software problem is detected, thousands or millions of computers can be fixed within hours with a software patch. Discover a malevolent
hardware component, however, and machines need to be fixed one by one by one. On a large network it could take months—if the problem were detected
at all.
"There are a whole bunch of functions inside each chip that you have no direct access to," says Stephen Kent, chief information security scientist
for BBN Technologies and a member of the Intelligence Science Board, which advises U.S. intelligence agencies. "We passed the point a long time ago
when you could combinatorially test all the possible inputs for a complex chip. If somebody hid a function that, given the right inputs, could cause
the chip to do something surprising, it's not clear how you could test for that."

What they are talking about, in the section on "combinatorially testing" each possible input into a chip, is called an "OpCode". There is a level
that is much higher than root (called CPL0, Control Protection Level 0) at which the kernel runs (whether Windows or Linux or any OS). From CPL0 (if
you know how to write a stub into the kernel in C or assembly) you can test different OpCodes to see what they do. It was in this way that the
undocumented OpCodes for the performance counters were found in the Intel 80486, the precursor to the Intel Pentium, in which these were documented.
I worked a lot on these OpCodes (actually writing the first library for Linux that used these for performance monitoring - on the 486).
Anyway, one could try combinations of OpCodes (which is how these "secret" functions were found - there used to be a web page of undocumented
OpCodes, let me see if it still exists...) And then you tried to figure out what they did. Nowadays there are too many OpCodes and besides, almost
all CPUs are "user programmable" to some extent (too complex to get into, but fascinating stuff).
... I cannot find the old site that used to document so-called "illegal OpCodes" in the Intel Pentium line of chips. Should I chance upon it, I
will post it if anyone is interested.
The point is - these hardware trojans CANNOT be found by modern software-based detection methods in a reliable manner. So, if you've got one (even
from, say, the government, pray tell) then you're just hosed. So hold onto those old chips, whose architecture was known not to have such
threatening things. (And yes - these hardware trojans can be on anything - including new pop-in components for your PCI or even older ISA and VESA
buses).
Happy computing!
Woody
EDIT: Added reference to "assembly" along with "C".
[edit on 15-5May-08 by WoodyAcres]
|
I would think since the BIOS boots the PC and inventories devices, it could very well be coded to open ports for intrusion before the software loads.
Guess that's why they will be doing away with the BIOS in future productions. Pentium IIIs had that open CPU that reported on your processor when
online. I would bet your checks they still have a function open to all PCs. Like the recent MS live onecare debacle for XP/Vista.
|
reply to post by WoodyAcres
Well my friend you just opened up a whole new can of worms and one that paranoid persons like myself have always feared. I was once into a hobby that
required purchasing chips and soldering them on boards in order to perform specific functions.
What I found interesting is that multiple chips can be used to perform the identical functions, so when one chip we needed wasn't available we would
just substitute another which had more functions available than we needed or used.
So, I've always thought how one could create a motherboard or CPU even and create uses for those unused and thus undocumented functions. Essentially
you could build a machine hidden within a machine. It no doubt would be something that those interested in spying would take part in.
[edit on 15-5-2008 by verylowfrequency]
|
Hey guys.
I am a computer programmer and a hacker, and this is my perspective / opinion on it.
Firstly, hacking is usually done for several main reasons. All of these reasons are significant and widespread:
1. For fun
Yes, a lot of hackers create viruses and such just for fun. Just to see how it'll work, just to see how many computers they can infect, just for the
sheer thrill and excitement of it.
2. Out of hate
Many hackers really really hate Microsoft. The reasons for this are beyond this thread, but because we really hate them, we create viruses to
disadvantage the people who use their software, so they'd switch to something better, make Microsoft look like a joke (goal accomplished), etc.
3. Status / Bragging rights
There are a lot of hacker groups and organisations. They frequently take down large websites, and create complex malware, for the sole purpose of
gaining status, being known, etc - fame if you will.
4. Sabotage
Quite a few competing companies use proxy companies to hire skilled hackers, to take down their competition's websites, to make malware for their
software, to exploit security holes in it, etc.
One widely known example of this (within the hacker community), is the RIAA creating a proxy company to hack The Pirate Bay.
5. Financial Gain
A lot of hackers create specific viruses which steal things like personal details, credit cards, website & bank account info, etc, etc - solely for
financial gain.
Now I come to the interesting part. Let me explain it very carefully.
When you purchase an expensive (or any) piece of software, you expect it to work. You expect it to work, and you expect it to get the job done, as
specified and advertised. You never expect it to do something completely unexpected, and you would certainly never expect spending large amounts of
money on other software, just to use that original, expensive piece of software - especially since such an arrangement was never made known to you.
Imagine a company, whose very expensive software is very widely used. They make a lot of money from it, but due to fierce competition from the open
source side of things, their profit margins and corporate customer base are dropping.
Now, ideally, the company would overhaul its software, to enable it to compete more aggressively with its competition...but suppose that this
option is impossible by the very nature of their software, because it must be proprietary, because they must make a lot of money from it, to make a
lot of deals, to monopolise the market to create the insane profits they had in the first place.
Something must be done though, they need to make more money - they need to grow. If only there was some way to suck more juice from their software
without it appearing so?
Well hang on...what if they purposely create problems with their software, and what if these problems can be easily fixed not by the software itself -
but by another piece of software, which they sell separately, for yet another high price.
Now we're thinking like businessmen!
I am of course talking about Microsoft Windows. Who thought, that in today's day and age, you could buy something so expensive, and not be able to
use it, without another very expensive piece of software, called a security suite. Nowhere - absolutely nowhere, on the windows box, documentation,
product info, etc does it say that you need this other software to use it, and yet we all know the obvious fact that you do.
How did people become so complacent about this over time? How is it not obvious, what Microsoft has been doing over the last few years, releasing
their own very insecure operating systems and security software side by side - but as two separate products, with two separate price tags,
designed to be run together.
How can nobody see who gains the most from this? How has it not become obvious, as more and more security problems were invented?
At first there were just viruses, then firewalls, then adware, then spyware and keyloggers, now a typical security suite contains dozens and dozens of
different security tools - and a price tag to match.
The moral of the story is to of course not use any Microsoft software, nor any proprietary software where possible.
The best software is free software. The best free software is open source.
[edit on 16-5-2008 by Manincloak]
|
UPDATE:
Ha Ha, what a joke. Someone said try the Sygate firewall. I did, it was a bunch of popups so I deleted it. Almost as soon as I did that, I got
infected. Big biohazard sign or something came up, everything pretty much crashed except "YOU MUST GET THIS PROGRAM!!!!!" It said I had 42 viruses
and needed to immediately download these programs to get rid of them.
I said heck with that, just redid my XP.
My question is, how come I never was told about the first 41 viruses that I was "infected" with?
Either I have to redo my XP every six months or so or I have the choice of spending money on a program that will just make my computer run like crap.
I'll still stick with the free route. I may lose my bookmarks every few months but that's all I keep in here for the most part. No movies, music and
what not so I'm not losing much. Still, it's a pain to go through that.
Another question: Why do the programs only quarantine a virus, not delete them? Makes little sense to me but I am no computer expert. That probably is
obvious.
|
reply to post by TheLoony
Just download whatever firewall/virus program comes with your ISP. They probably have one.
And though it probably wouldn't be necessary, there is nothing wrong with formatting every 6 months or so. It is very healthy for your computer.
|
reply to post by Sublime620
Yeah, I probably could get something from Cox, but they are really ticking me off right now. I've called them twice to stop sending me junk mail
trying to get me to sign up for digital phone service - I don't even have a land based type phone and after two years of letters I don't think I'll
ever get a phone from them. Now they have taken to calling me, trying to get me to do some kind of review of their upgraded digital cable. I don't
have digital cable, just a wire out of the wall, no box. These calls sometimes have no one on the other end, I answer and there's nothing there, no
one there at all. In my eyes that's harassment. It irritates me to no end. So, how can I trust their firewall or anything from them to work any
better? If they can't take me off their mailing list after repeated calls then how am I supposed to trust them?
As for reformatting, it ain't all that bad. That is, if I do it right. I hope I have but I know nothing. At least this thing is working and there
aren't bunches of popups all over the place. That just drives me nuts when I'm trying to do something and I can't because I keep getting derailed
by idiotic programs that aren't helping. Bad enough all the popups on the net, I don't need them from a program in my computer also.
|
reply to post by Manincloak
While I agree that Microsoft products are bloated and overpriced by a factor of 10, don't forget when they were originally created DOS and then
Windows was made for standalone computers or terminals. I remember Windows version 3 or 3.11 was the first version you could network without 3rd
party software.
In Microsoft's defense, remember they had to make their OS backwards compatible with both hardware and software with every revision. It is not
perfect, but it's been years since I've had to deal with BSODs that were once commonplace and the only viruses I ever get are through my own
stupidity.
With the logic you use to justify attacks by virus authors & hackers, do you and those like you throw roofing nails on the roadways in order to tell
car & manufacturers how vulnerable their vehicles' tires are to sharp objects on the roadway? After all why should we have to pay 50k for a car that we
need to buy tires from somebody else in order that they continue to function properly?
That's what I think of your logic.
|
In my experience, AVG does well to block all major infections from even taking hold of a PC. Besides, AVG can be downloaded without purchasing it, as
there's a free version that does all that I need it to do.
Just my opinion though...
TheBorg
|
Oh definite conspiracy on a corporate lvl. Every year when I had Norton before I'd update to the next year I'd have malicious problems with my comp.
After upgrading to the next year's version I'd find the viruses even though my sub to the previous year hadn't run out and I still got updates to the
previous year's version. Makes me wish I kept a list...hmmm might still be on my artificial life form pc...
AVG free
projectemule.net great site for literature and computer freeware
|
This is no secret, and it was made illegal a few decades ago.
If you are around 30-40 and working within the IT industry, you would recall one of the first computer viruses was made by a company who also sold
a removal program to clean the infected computer. This business practice became illegal.
|
I did mention Linux earlier. I have now set up Linux Ubuntu 8.04 and Windows XP on my computer. Using Wine, I was fairly easily able to install
Windows software.
Heck, and so far the games I have installed seem to work quite well. Perhaps even better than they ran on Windows. I think Windows has too many
things going on.
The point. Perhaps Linux is a good option for those who don't want to be plagued with viruses and such.
Troy
|