Re: [iwar] News
From: Rob
From: capveg@cs.umd.edu
To: iwar@egroups.com
Tue, 16 May 2000 11:40:09 -0400
fc Tue May 16 08:41:14 2000
Received: from 207.222.214.225
by localhost with POP3 (fetchmail-5.1.0)
for fc@localhost (single-drop); Tue, 16 May 2000 08:41:14 -0700 (PDT)
Received: by multi33.netcomi.com for fc
(with Netcom Interactive pop3d (v1.21.1 1998/05/07) Tue May 16 15:41:08 2000)
X-From_: sentto-279987-357-958491621-fc=all.net@returns.onelist.com Tue May 16 10:40:19 2000
Received: from ci.egroups.com (ci.egroups.com [207.138.41.176]) by multi33.netcomi.com (8.8.5/8.7.4) with SMTP id KAA02782 for ; Tue, 16 May 2000 10:40:19 -0500
X-eGroups-Return: sentto-279987-357-958491621-fc=all.net@returns.onelist.com
Received: from [10.1.10.36] by ci.egroups.com with NNFMP; 16 May 2000 15:40:23 -0000
Received: (qmail 16785 invoked from network); 16 May 2000 15:40:10 -0000
Received: from unknown (10.1.10.142) by m2.onelist.org with QMQP; 16 May 2000 15:40:10 -0000
Received: from unknown (HELO xor.cs.umd.edu) (128.8.128.118) by mta3 with SMTP; 16 May 2000 15:40:10 -0000
Received: from xor.cs.umd.edu (localhost [127.0.0.1]) by xor.cs.umd.edu (8.9.3/8.9.1) with ESMTP id LAA02036; Tue, 16 May 2000 11:40:09 -0400 (EDT)
Message-Id: <200005161540.LAA02036@xor.cs.umd.edu>
X-Mailer: exmh version 2.1.0 04/14/1999
To: iwar@egroups.com
Cc: capveg@cs.umd.edu
In-reply-to: Your message of "Mon, 15 May 2000 20:53:44 PDT." <200005160353.UAA06268@all.net>
From: Rob
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
List-Unsubscribe:
Date: Tue, 16 May 2000 11:40:09 -0400
Reply-To: iwar@egroups.com
Subject: Re: [iwar] News
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
In message <200005160353.UAA06268@all.net>, Fred Cohen writes:
>Here's something I heard today - from a very reliable source:
>
>In order to allow application programs to access the display memory
>without operating system intervention, an undocumented hardware
>instruction on Pentium class Intel processors and possibly other
>'compatable' processor architectures has been included to grant
>user-level processes direct access to the real memory of the central
>processor. This means that a user process can read directly from or
>write directly to system memory. the net effect is that any user who
>can run a program of their devising on one of these computers is
>guaranteed to be able to take over the system and do whatever they wish
>- regardless of the operating system - and regardless of any add-on
>precautions at the software level.
Do you have any more information on this? This would appear to be a fairly
serious matter... being able to bypass all OS related security mechanisms
should cause most security people at least a moments pause for the
consequences :)
I am a sysadmin (and defacto security guy) at the University of Maryland's
Computer Science Department. In addition to my normal duties, I will be
entering part-time graduate school here in the fall, with an interest in
computer security and more generally, information warfare. I have been
lurking on this list from its inception, so apologies on the overdue
introduction.
Thanks,
- Rob
.
------------------------------------------------------------------------
72% off on Name brand Watches!
Come and buy today and get free shipping!
http://click.egroups.com/1/4011/7/_/595019/_/958491621/
------------------------------------------------------------------------
------------------
http://all.net/