AM2 major threat to users security?

Ycon · Jun 29, 2006

I... just cant... stop laughing :lol: :lol: :lol:

http://www.eweek.com/article2/0,1895,1983037,00.asp
http://theinvisiblethings.blogspot.com/2006/06/introducing-blue-pill.html

I wonder how long it will take until her Blog will be called "intellablethings" or something like that =)

YO_KID37 · Jun 29, 2006

I... just cant... stop laughing :lol: :lol: :lol:

http://www.eweek.com/article2/0,1895,1983037,00.asp
http://theinvisiblethings.blogspot.com/2006/06/introducing-blue-pill.html

I wonder how long it will take until her Blog will be called "intellablethings" or something like that =)

OMG Ycon you found the "Intelballz" to actually post a topic just to get yourself setup for a AMD beeting and humilation

BadTrip · Jun 29, 2006

lol, where are the horde now?

Great Find Ycon

angry_ducky · Jun 29, 2006

W

T

F

?

What on earth does this have to do with AM2?

hergieburbur · Jun 29, 2006

I really hope you just stumbled across that, because it would be pretty sad if you just went out looking for an AMD flaw to start a thread about. That pretty much puts you on the same level of close-minded fanboyism at those you constantly complain about.

clarkbark · Jun 29, 2006

Alpha_Magnum · Jun 29, 2006

Thanks to the latest virtualization technology from AMD called SVM/Pacifica it is possible for Joanna Rutkowska to build a rootkit called "BLUE PILL" and odds are that if it can be done AMD has big issues!

Grinch123456 · Jun 29, 2006

I... just cant... stop laughing :lol: :lol: :lol:

http://www.eweek.com/article2/0,1895,1983037,00.asp
http://theinvisiblethings.blogspot.com/2006/06/introducing-blue-pill.html

I wonder how long it will take until her Blog will be called "intellablethings" or something like that =)

Interesting, but wouldn't this affect Intel's visualization technology as well, when/if it comes/came out with a little modification. Either way, the world will come to that crossroads when it has to.

BaronMatrix · Jun 29, 2006

I... just cant... stop laughing :lol: :lol: :lol:

http://www.eweek.com/article2/0,1895,1983037,00.asp
http://theinvisiblethings.blogspot.com/2006/06/introducing-blue-pill.html

I wonder how long it will take until her Blog will be called "intellablethings" or something like that =)

that is not a flaw. It's a function. hypervisors are supposed to isolate the OS.
She even said it doesn't take advantage of flaws and that if it can be detected then there is a bug in Pacifica.

it's just anothe rcas where malicious people take a good thing and useit for something bad

BaronMatrix · Jun 29, 2006

Thanks to the latest virtualization technology from AMD called SVM/Pacifica it is possible for Joanna Rutkowska to build a rootkit called "BLUE PILL" and odds are that if it can be done AMD has big issues!

thats' like saying that if someone releases a bug for windows that doesn't rely on a flaw Windows is screwed.

Code injection is not somethign that the CPU can adequately guard against.

I'll be surprised if this doesn't work on Intel VT also.

FITCamaro · Jun 30, 2006

What I find odd about stuff like this is that legit people actually go out and tell the world about these things. That just inspires hackers and even gives them a direction to go in. If they didn't tell anyone about it, then the problem would stay far more contained and there would be a less likely chance that anything malicious would result from it.

Tell AMD, Microsoft and the other big players. Don't tell the world.

marsclic · Jun 30, 2006

Calm down fanboys, VT malware is already available for Intel and will be presented at Black Hat US. It seems these days we will nedd a Hypervisor just to keep these VT exploits away. Of course if you use Linux and secure it properly these VT exploits are just much more difficult to implement.

See BlackHat Conference , and search for "Dino Dai Zovi".

theaxemaster · Jun 30, 2006

I think that just about everyone who has heard about this trusted computing/virtualization bit knew that this was bound to happen sometime. And for those of you that don't know, AMD is in the same TC group that intel is.

Yay for making our computers "more secure" by taking control away from the users! I'm switching to gentoo....

hella-d · Jun 30, 2006

I Doubt It, But Its Possible, You Wont Know Until It Happens (If Ever)

marsclic · Jun 30, 2006

Gentoo Linux is the way to go man. But if you're coming from Windoze you might have to take a red pill

)

Alpha_Magnum · Jun 30, 2006

Well I'm of the "not really givin a sh*t crew" since as we all know computers are expensive toys and are bound to explode sooner or later. The FUD can be from any side in this. What's her name has not released anything yet though if possible it could be a mammouth issue for AMD.

Like the other guys here I can hardly stop lauging even though I have AMD computers. It is simply too funny not to laugh. Conroe is bad enough but this if true could be a recall sort of a thing LOL ROFLOL LMMFAO...

What will AMD do?? Will they fix all the 939s and AM2s?? Will they go to Mars? Toooooooooo funnnnny!!!!

TheMaster · Jun 30, 2006

hackers really need to get a life...

BaronMatrix · Jun 30, 2006

Well I'm of the "not really givin a sh*t crew" since as we all know computers are expensive toys and are bound to explode sooner or later. The FUD can be from any side in this. What's her name has not released anything yet though if possible it could be a mammouth issue for AMD.

Like the other guys here I can hardly stop lauging even though I have AMD computers. It is simply too funny not to laugh. Conroe is bad enough but this if true could be a recall sort of a thing LOL ROFLOL LMMFAO...

What will AMD do?? Will they fix all the 939s and AM2s?? Will they go to Mars? Toooooooooo funnnnny!!!!

How is it a massive issue? Someone already posted that the same thign is possible with Intel.

It's the same as any exploit if the user clicks install, the CPU is out of the picture. This is not a flaw or a problem, it's an exploit of a technology tat does what it's supposed to do.

AGAIN THERE IS NO FIX CAUSE IT'S NOT CAUSED BY AN ERRATA. it just manipulates something that is there.

kamel5547 · Jun 30, 2006

Thanks to the latest virtualization technology from AMD called SVM/Pacifica it is possible for Joanna Rutkowska to build a rootkit called "BLUE PILL" and odds are that if it can be done AMD has big issues!

Re-read the article. You caught the wrong flaw.

"Now, Rutkowska is pushing the envelope even more, arguing that the only way Blue Pill can be detected is if AMD's Pacifica technology is flawed."

In summary: Blue Pill would run the main OS as a virtual machine without the user being aware. She is saying AMD must have a flaw in its chip because it detects the fact Blue Pill is running.

If you understand the article this is basically a "security" flaw that would affect every OS and chip that supports virtualization. I.E. a maliscious user would insert the Blue Pill as a surrounding layer to the actual OS.

Alpha_Magnum · Jun 30, 2006

I want to avoid the entire explanation that Kamel5547 wrote. My point was that if this is all true there is a problem w/ the chip and that would be K8 chips so.......... Uuuuut oooooooooo

BaronMatrix · Jun 30, 2006

Thanks to the latest virtualization technology from AMD called SVM/Pacifica it is possible for Joanna Rutkowska to build a rootkit called "BLUE PILL" and odds are that if it can be done AMD has big issues!

Re-read the article. You caught the wrong flaw.

"Now, Rutkowska is pushing the envelope even more, arguing that the only way Blue Pill can be detected is if AMD's Pacifica technology is flawed."

In summary: Blue Pill would run the main OS as a virtual machine without the user being aware. She is saying AMD must have a flaw in its chip because it detects the fact Blue Pill is running.

If you understand the article this is basically a "security" flaw that would affect every OS and chip that supports virtualization. I.E. a maliscious user would insert the Blue Pill as a surrounding layer to the actual OS.

? she said its' a flaw if a RED PILL can be used to detect the blue pill.

nilepez · Jun 30, 2006

Gentoo Linux is the way to go man. But if you're coming from Windoze you might have to take a red pill )

If everyone moved to linux tomorrow, the virus writers would move to linux, and there'd be virii a plenty. Nevermind the fact that the masses would be clueless how to patch the OS....or even when to patch the OS.

marsclic · Jun 30, 2006

If everyone moved to linux tomorrow, the virus writers would move to linux, and there'd be virii a plenty. Nevermind the fact that the masses would be clueless how to patch the OS....or even when to patch the OS.

That's a mistaken concept. If you properly secure a linux distro, a virus would have a very hard time getting through. First, the virus writer has to find a way to insert his malicious code in the system from an unpriviledged user-space. That's only possible if you find an exploitable flaw (like a buffer-overflow). Given the nature of open-source, back doors and exploitable flaws are very short-lived, because there are thousands of people who develop and test the code before they are declared stable. So virus writers only have a chance with installations that are old and haven't been "patched".
As for people not knowing how to "patch" the kernel, they don't really need to know, if a distro is well thought-out. The "patch" can be installed from an online-update service, and then all the user has to do is reboot. I am alien to this principle though, since I always compile my own kernel.
But I recognize that there are people that wil never want to switch to Linux, comfortable as they are to being treated as an ignorant idiot by the software moguls, who think users are best left not being able to think for themselves and having no business as to how to run and configure their own computers (Palladium, Trusted Computing, DRM, etc..).

infornography42 · Jun 30, 2006

Hmm, its interesting.

Saying that this will cause a problem for AMD or Intel is a bit stupid though.

I just hope that eventually all of this idiotic DRM crap will bite paranoid companies in the butt so hard that it becomes illegal to subvert the operating system for ANY reason, be it virus writing or DRM garbage. But honestly, that is wishful thinking.

spud · Jun 30, 2006

Well I'm of the "not really givin a sh*t crew" since as we all know computers are expensive toys and are bound to explode sooner or later. The FUD can be from any side in this. What's her name has not released anything yet though if possible it could be a mammouth issue for AMD.

Like the other guys here I can hardly stop lauging even though I have AMD computers. It is simply too funny not to laugh. Conroe is bad enough but this if true could be a recall sort of a thing LOL ROFLOL LMMFAO...

What will AMD do?? Will they fix all the 939s and AM2s?? Will they go to Mars? Toooooooooo funnnnny!!!!

How is it a massive issue? Someone already posted that the same thign is possible with Intel.

It's the same as any exploit if the user clicks install, the CPU is out of the picture. This is not a flaw or a problem, it's an exploit of a technology tat does what it's supposed to do.

AGAIN THERE IS NO FIX CAUSE IT'S NOT CAUSED BY AN ERRATA. it just manipulates something that is there.

They didn't give a link to prove Intel's VT suffers from this particular exploit.

AM2 major threat to users security?

Distinguished

Distinguished

Distinguished

Distinguished

Distinguished

Distinguished

Distinguished

Distinguished

Splendid

Splendid

Distinguished

Distinguished

Distinguished

Distinguished

Distinguished

Distinguished

Distinguished

Splendid

Distinguished

Distinguished

Splendid

Distinguished

Distinguished

Distinguished

Distinguished

Share this page