Related articles

• The monitor is aesthetically pleasing, featuring a smooth silver finish, unobtrusive button/menu system and a funky stand. My only thought is the bezel surrounding the display consumes a fair amount of real estate. At first I thought the footprint could have packed a 19" but I'm no electrical engineer, just an armchair critic. The height and tilt are easily adjustable, which helps when setting up the perfect perspective to take maximum advantage of the 3D presentation. To achieve the stereo imaging effect the monitor actually contains two LCD panels, which makes for a heavier and thicker case than other LCDs. Neorok Optics might want to look into modifying the base to include a horizontal swivel adjustment, but that's no biggie as users can simply re-orient the stand. One of the company's goals was to provide a monitor capable of delivering "in-screen/out-of screen" displays through a medium that wouldn't cause the same spatial distortion leading to the "physical rebellion" that occasionally plagues other solutions. The promotional materials state that the system supports "long-time viewing without causing fatigue or eyestrain, headache or nausea". Users can alter the "depth" at which the stereo frames are projected, which affects how "3D" the scene appears. The "position" of the screen can also be modified, which allows you to set the 3D appearance of the image deeper within the monitor or project it to pop out and emerge further towards the viewer. The screen surface of the monitor itself is quite reflective. We sometimes found the reflection hard on the eyes when using stereo mode, and glare became especially noticeable when playing through dark scenes for extended periods. Slide Show Advertised Monitor Specifications iZ3D Monitor Specifications LCD Size 17" Resolution 1280x1024 Contrast (typical) 400:1 Contrast (max) 600:1 Display Colors 16.7 million Display Area 337.9 x 270.3 mm Pixel Pitch 0.264 mm Response Time 8 ms Viewing Angle 140° horizontally / 130° vertically Test Setup and Settings System Hardware Processor(s) Intel Pentium 4 3.4 GHz, 2 MB L2 Cache Platform Shuttle XPC, FD31V10 motherboard Intel i945G/GZ chipset Phoenix Technologies LTD Bios Ver. 6.0 RAM Kingston 1024 MB @ DDR2/PC2-5300 (CL5.0-5-5-15) Hard Drive Western Digital Raptor, WD1500AHFD 150 GB, 10,000 RPM, 16 MB cache, SATA/150 Networking OnBoard Broadcom Netlink Gigabit Ethernet Graphics Cards Nvidia GeForce 7600GT, 256 MB GDDR3 560 MHz Core Clock 700 MHz Memory Clock (1.4 GHz DDR) Power Supply SilentX 350 W Monitor iZ3D Monitor System Software & Drivers OS Microsoft Windows XP Professional 5.10.2600, Service Pack 2 DirectX Version 9.0c (4.09.0000.0904) Graphics Driver(s) NVIDIA - Forceware 91.31 Benchmarks were run at high detail settings and save resolution; we made no further adjustments. Our logic behind this was to showcase the differences between 2D presentation and the performance hit expectations you should have when rendering the stereo optics required for 3D.

• Alan: Can any vector currently re-flash the BIOS? Joanna: No! There has been lots of confusion about it in the recent months. Some people thought that SMM attacks allow automatically to re-flash the BIOS. This is not true. Also, there was a bit unfortunate presentation at CanSecWest earlier this year by two researchers from Core, who presented on "Persistent BIOS Infection." I saw their slides and they made it look like if they found a generic way of re-flashing any BIOS and that there is hardly any way to protect against their attacks. Nothing could have been further from the truth, in fact. First, they chose to attack two low-end, dated BIOSes: an Award BIOS and also VMWare's BIOS (that itself doesn't even count, as it's not a real BIOS). Those two BIOSes didn't require firmware updates to be digitally signed by the vendors. So, no big deal that it was possible to inject some malicious code there. On the other hand, most of the currently used BIOSes (Intel or Phoenix BIOSes) allow only signed firmware updates to be re-flashed. This mechanism has been used for years, and it has nothing to do with TPM or any of the Trusted Computing technologies. This situation is especially not very comfortable for us, because next month at Black Hat, Rafal and Alex will be presenting on the real attacks on BIOS re-flashing, that would involve getting around Intel BIOS re-flash protection. So, Rafal and Alex will show how to re-flash a secure Intel BIOS, despite the fact that it normally only allows signed updates. This is going to be a really hardcore talk, and the actual exploit is really a masterpiece. I doubt, however, that malware would start using any similar attacks--they are just too complex and too much BIOS-specific. Yet, from the research point of view, the attack is extremely valuable with potential impact being more then just persistent BIOS infections. More on this next month, though. Alan: I’m looking forward to that! So what's this talk about Ring -3 attacks now? Joanna: This is going to be the second talk presented next month at Black Hat by Alex and Rafal. It's going to be something totally new, again very hardcore, but potentially offering even more power then SMM rootkits. How can something offer more privileges than SMM, when that already offers all of them? Unfortunately, I cannot say anything more right now. Let me just point out that we have been in touch with Intel for quite some time about the issues we exploit in both of the talks, and that Intel is targeting patch releases to be available a few weeks before the conference. Alan: So what can you tell us about HyperCore? Joanna: HyperCore is a thin hypervisor for laptop computers developed by Phoenix Technologies. We have been hired by Phoenix to do research on various technologies that could potentially be used to secure the hypervisor. As it is customary in the industry, I'm not at liberty to publicly discuss much about this research, and whether or how much of it has actually been used in the actual product. Alan: So far, most of your research involves getting closer and closer to the CPU. What about the other approach, getting closer to the user. If you can take over the GPU memory, couldn't you spoof a password prompt and get the user to volunteer their admin password? Or how about taking over the USB controller and logging keystrokes? Joanna: Oh, and you think that getting closer to the CPU means farther from the user? Really? It is the CPU that is the central part of the system. Everything that user does, all of his or her programs data, are eventually processed by the CPU. It's the closest element to the user one can imagine. It's where all the data are eventually being decrypted, and where all the actions are eventually being executed. Alan: I’m a 3D graphics guy, a GPGPU guy, and my hobbies are photography and cinematography. Of course I think the GPU is closer to the user than the CPU! At the end of the day, it all comes back to your senses. What you can’t see can’t hurt you. You know how you sometimes find old food stashed somewhere in the back of the fridge that has gone bad? In the time that you had forgotten it and before you saw it, smelled it, tasted it, felt it, or heard it, you wouldn’t know anything or even care. It’s like Schrödinger’s Cat, but with food. Joanna: As for your suggestion about taking over GPU memory--I think this would not be a very practical attack for malware. Even the traditional passwords are being entered in the "asterisked" form, so GPU would have troubles seeing what's under the asterisk! 

• With Recover Pro 2004, Phoenix Technologies has developed a user-friendly, highly secure and fast-working backup and recovery tool for Windows XP/2000 PCs that takes the sting out of virus and malware attacks. Best of all, it's a veritable bargain at just $40. Put all of these pluses together and we believe this software product has earned our Recommended Buy Award. Recover Pro 2004 is definitely one tool that no computer user should be without, whether mobile laptop or desktop PC, at home or in the business environment. There is one function we would like to have seen included, namely the possibility of backing up to and/or via external drives. On that front all we can do is hope that the manufacturer quickly manages to get down to checking off the items on that priority list mentioned above. Note: Phoenix Technologies also offers a version of FirstWare Recover Pro 2004 designed especially for the requirements of system builders. It stores the backup and recovery software, corresponding utility programs and backup files in the HPA (host protected area) instead of on a hidden partition. The ATA-5 standard defines the HPA as a protected area of a mass storage device, the size of which can be determined in all ATA-5-compatible storage devices using a low-level tool. Because this area is only accessible with special tools, this version is not intended for consumers, but that also makes the HPA partition especially secure, because it can't even be accessed from the DOS level so deletion is not an option. In practice, system makers use the HPA to store a factory backup of the PC, although manufacturers can throw in extra utilities, too. The HPA is generally a few GB in size.