IT News

Secret on-chip debugger discovered in AMD CPUs

On November 16, 2010, In Hardware, IT News, Reverse Engineering, By Shinnok

LE: Apparently the story is a bluff since this SUPER SECRET WTF OMGGMG SHIT discovery has been publicly known and used for at least 6 years now(look for 0x9c5a203a at the beginning). So, El Reg, you suck for not verifying stories before publishing them. AMD Rocks!

—

According to The Register a super secret password protected on-chip debugger has been discovered in all AMD chips since Athlon XP. The debugger seems to be activated once a specific password value(0x9C5A203A) has been set in a certain register(EDI to be more exact, a heavily used register).

I can’t help but wonder where exactly software security will stand on AMD CPUs, once you can access and control chip functionality by just setting a certain value in a register(free ring0 access huh?, local root?..nice, what about system?..even nicer). What about that value making it into that register by chance? Slow CPU operation? Deal with it. 🙂

Though i am afraid my assumptions are just heuristic since one needs more details and insight into this issue before making this into a statement. Quote from Czernobyl(the discoverer):

Amidst a ton of comments, I’ve seen some somber interrogations about security. IMO what is described herein does not pose new security problems per se; after all MSRs and Control Registers aren’t accessible except from ring zero. Nor are the Host’s CRs and MSRs accessible from a properly designed Virtual machine. I doubt the newly disclosed features will open security risks that were not already present due to poor OS and/or virtualization systems designs… (end of note).

Excerpt from The Register article:

A hardware hacker has discovered a secret debugging feature hidden in all AMD chips made in the past decade.

The password-protected debugger came as a shock to reverse-engineers who have hungered for an on-chip mechanism for performing conditional and direct-hardware breakpoint operations. Although AMD has built the firmware-controlled feature into all chips since the Athlon XP, the company kept it a closely guarded secret that was only disclosed late last week by a hacker who goes by the name Czernobyl.

…

Tagged with: amd • CPUs • debuggers

Packet Storm Security launches new website

On November 16, 2010, In IT News, By Shinnok

Yesterday, Packet Storm re-launched with a completely new website, both in looks and functionality, adding lots of web2.0 features like favorites, commenting, trending, tagging and rss everywhere, etc..

In my opinion the new framework is very promising, but hey, why not decide for yourself. Here is the e-mail announcing the launch:

November 15, 2010 – Today is the launch of a completely
new version of Packet Storm that has been long awaited
and is long overdue. The security community has given
us a lot of feedback during our design phase and we
have attempted to integrate many features.

As you may already know, Packet Storm is home to a
massive security portal that houses news, whitepapers,
advisories, exploits and tools.

It’s a place to showcase your work, whether it be
a research advisory or a tool you wrote. It’s a
place to check news headlines coming down the
wire or to find out about the latest vulnerabilities.

The goal of the new site is usability and integration.
We realized that this community is missing a centralized
portal to appropriately promote their work and interact
with others in the community.

The site currently hosts:

More than 38,000 advisories

More than 20,000 exploits

More than 5,000 tools

More than 2,000 whitepapers

Full historical view of releases – going all the way back to 1998.

New core features:

Trending for top author, popular topics and daily additions

Tagging exists all over the place

Commenting is allowed everywhere

RSS feeds are all over the place

Search Users, Files, News and Authors

Users:

Commenting, favorites and the ability to view the favorites of the people you follow.

CVE and OSVDB integration

Privacy settings for all personal information

You can send messages to other users

You can switch to a minimal listing view

You can set your primary mirror; we’re on four continents

Share items with Facebook, Twitter, Digg, Reddit, LinkedIn, etc

Authors:

Your very own author page and author id.

Ability to add biographic information and a picture.

Authors ranked by releases per month

If an already established author applies with the
same email address as is stored in the archive,
their profile will be linked to their work on the site.

https://packetstormsecurity.org/

Tagged with: news • packetstorm

Albert Gonzalez gets 20 years, at least for now

On March 26, 2010, In Hacking and Pentesting, IT News, By Shinnok

Albert Gonzalez at the 2001 DefCon hackers' convention in Las Vegas

Twenty years at least for now, because there’s a second conviction on a second trial to be made on which he could get up to 25 years. The court has agreed to serving his sentences concurrently, though, which means if he gets more then 20 year in the second case then he will serve that one if not he will serve the first one, sort of to speak.

Albert Gonzalez was on the payroll of the secret service as informant

On March 23, 2010, In Hacking and Pentesting, IT News, By Shinnok

Convicted TJX hacker Albert Gonzalez earned $75,000 a year working undercover for the U.S. Secret Service, informing on bank card thieves before he was arrested in 2008 for running his own multimillion-dollar card-hacking operation.

The information comes from one of Gonzalez’s best friends and convicted accomplices, Stephen Watt. Watt pleaded guilty last year to creating a sniffer program that Gonzalez used to siphon millions of credit and debit card numbers from the TJX corporate network while he was working undercover for the government.

Watt told Threat Level that Gonzalez was paid in cash, which is generally done to protect someone’s status as a confidential informant. The Secret Service said it would not comment on payments made to informants. Gonzalez’s attorney did not respond to a call for comment.

read more…

Tagged with: albert gonzalez • carding • fbi • informants • secret service

Nvidia latest driver kills video cards

On March 9, 2010, In IT News, By Shinnok

Yes that’s right and especially if you play Starcraft II beta.

You can find further info on this issue here.

The conclusion is that if you upgrade to the latest driver (196.75) and run the right graphics intense game your graphics card fans might start to malfunction because of some probably (very) stupid piece of code in the new driver and thus your graphics card will start to overheat, leading to irrevocably damage to your card, most probably killing it for good.

That being said, DO NOT UPGRADE to the latest Nvidia 196.75 driver!

If you have done already then roll back to the last version. Nvidia has also taken action and removed the download for the driver in question, but be aware since you might get that driver through Windows update or any other third party drivers and utilities software upgrade tool you might have on your system, like the ones that come from laptop vendors.

Tagged with: blizzard • gaming • nvidia • startcraft 2 • video cards

Quake Live

On March 4, 2009, In IT News, By Shinnok

Classic game Quake III will be re-released for the web browser on Tuesday, highlighting the rapid development in web games.

It runs inside browsers after the installation of a software plug-in.

“It is a significant step which proves browser games can be sophisticated,” said Michael French, editor of games industry magazine Develop.

Quake Live is a version of a PC game which was first launched in 1999.

The game is being released free of charge for browsers by id Software, and is supported by advertising. It opens to the public as a beta later on Tuesday.

more

I especially like the free part but as for the ideea of playing a game like quake in the browser i can’t really say that i am attracted too or see lots of benefits out of it(besides playing it at the office because installing a game at the office allways tends to be a little tricky), but i am not the only person on this earth so who cares if there are other millions who would enjoy it and lots money to be made out of it.

Tagged with: games • gaming • news

Apple asked Google not to use multi-touch in Android

On February 14, 2009, In IT News, By Shinnok

One of the bigger complaints about T-Mobile’s G1, the first phone based on Google’s Android platform, is that its touch screen doesn’t use multi-touch, the technology which allows for a screen to accept multiple points of contact as simultaneous input. Now we may know why.

Apple, which of course makes the signature multi-touch mobile device, the iPhone, apparently asked Google not to implement it, and Google agreed, an Android team member tells us.

more

Looks like Steve’s karma works even with Google.

Tagged with: apple • google • news

Shinnok's rants

"The only problem with troubleshooting is that sometimes trouble shoots back"