Sorta OT.... Virus problems may affect us

On Sun, 16 Mar 2008 06:09:27 -0700 (PDT), Jim Wilkins


So if a China, or or some other country that manufactures our chips had access to the chip manufacturing process of say..commercial grade servers, enterprize servers and so forth, its would be possible to remotely shut down, disable or worse yet, read data?
I know that there are a number of software progs that are alleged to have backdoors that can be exploited by the US government...shrug
Gunner
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Yes, but only once, and even then penetration is likely to be incomplete before detection, plus there is considerable physical isolation of the more critical networks. Like Pearl Harbor or 9/11 we can be surprised and seriously annoyed but they couldn't threaten to repeat it.
http://www.fas.org/nuke/guide/china/doctrine/unresw1.htm
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Jim Wilkins wrote:

Would a repeat be necessary? PAL, for instance, is really only effective because of a leap of faith.
--

John R. Carroll
www.machiningsolution.com
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

I think that it is a very feasible scenario that the Chinese would put some trojan code into their devices such as network cards. Normally, operating system architecture prevents a network card from taking over the computer, but who knows., maybe they would come up with something creative.
The problem with those devices mentioned in OP seems to be more Windows related (autoexecuting code from USB flash drives etc).
i
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Gunner Asch wrote:

You would have to be really nearsighted to read and modify the mask. Really smart to read the mask/modify, beyond a monkey brain.

Who is talking about software? Oh, I know that is the precursor to this part of the thread. But you have introduced a herring here.
But that is what you do, Eh Gunner?
Mask, firmware, efirm, software. All very different...
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

if the US does it, then it certianly makes sense that China would do it as well. I'd say the Chinese have less qualms about the ethics of trapdooring the US market.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

April Fool's joke in Infoworld
http://www.theregister.co.uk/2003/03/10/one_printer_one_virus_one /
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

My source was a paper memo passed around the Air Force's Electronics Systems Center in '91 that gave very considerable technical detail about how it was (or could have been) done.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Ignoramus4762 wrote:

What kind of network cards are you using? All of mine have a small EAROM to store the MAC, typically in a 24C08. That isn't executable ram. It simply stores configuration data in a 1K * 8 format. How are you going to write a back door or virus in a couple hundred bytes of non-executable RAM?

Read the data sheets for the NIC chips and see what can and can't be done. I NEVER use a boot ROM in a network card, and have never seen a properly configured network that had access to the outside world using them.

--
aioe.org is home to cowards and terrorists

Add this line to your news proxy nfilter.dat file
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

And yet all so very similar. Wanna hear my explaination of how 10 years as an EMT relates to being a Unix sysadmin?
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Joe Pfeiffer wrote:

That mask can cost $5000 to produce, and is verified by computer to match the customers code. The cost to do one by hand would be at least 5X as much, and is damn hard to justify the extra months of work, and the chance that another product will beat yours to market and get a good foothold.
The industry is aware of the security problems, and has worked to close the loopholes for the last couple decades.
--
aioe.org is home to cowards and terrorists

Add this line to your news proxy nfilter.dat file
  Click to see the full signature.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Polytechforum.com is a website by engineers for engineers. It is not affiliated with any of manufacturers or vendors discussed here. All logos and trade names are the property of their respective owners.