[121946] in cryptography@c2.net mail archive
Re: Just update the microcode (was: Re: defending against evil in
daemon@ATHENA.MIT.EDU (John Ioannidis)
Tue Apr 29 11:26:50 2008
Date: Tue, 29 Apr 2008 00:46:04 -0400
From: John Ioannidis <ji@tla.org>
To: alex@alten.org
CC: Cryptography <cryptography@metzdowd.com>,
"Leichter, Jerry" <leichter_jerrold@emc.com>,
John Denker <jsd@av8n.com>, Scott Guthery <sbg@acw.com>,
Ed Gerck <edgerck@nma.com>
In-Reply-To: <20080429041214.EAE2645EE81@ws6-7.us4.outblaze.com>
alex@alten.org wrote:
> No need to be a major power. Linux patches x86 code, as does Windows. I ran across a project several years ago that modified the microcode for some i/o x86 assembly instructions. Here's a good link explaining it all.
>
What the OS or the BIOS loads is files that come from Intel.
There is some verification involved, as the processor won't just accept
random bytes. You'll need a fair amount of money, as well as
intelligence expertise, to get hold of the signing keys, not to mention
the documentation for how to write microcode in the first place. I
assume that's one of Intel's (and AMD's) closest-guarded secrets.
> http://en.wikipedia.org/wiki/Microcode
"It must be true, I read it on the Internet" :)
>
> All this hw/sw flexibility makes designing a good security system a real challenge. You need a reference monitor somewhere in it that you can truly trust.
>
> - Alex
>
That we agree on!
/ji
>
>> ----- Original Message -----
>> From: "John Ioannidis" <ji@tla.org>
>> To: Cryptography <cryptography@metzdowd.com>
>> Subject: Just update the microcode (was: Re: defending against
>> evil in all layers of hardware and software)
>> Date: Mon, 28 Apr 2008 18:16:12 -0400
>>
>>
>> Intel and AMD processors can have new microcode loaded to them, and
>> this is usually done by the BIOS. Presumably there is some
>> asymmetric crypto involved with the processor doing the signature
>> validation.
>>
>> A major power that makes a good fraction of the world's laptops and
>> desktops (and hence controls the circuitry and the BIOS, even if
>> they do not control the chip manufacturing process) would be in a
>> good place to introduce problems that way, no?
>>
>> /ji
>>
>> ---------------------------------------------------------------------
>> The Cryptography Mailing List
>> Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
>
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
