[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: How NSA access was built into Windows



Alan <alan lxorguk ukuu org uk> writes:
> (realistically it's much easier and safer to drop in on the AMD CEO
> and arrange a silicon back door than to try and hide one in
> software),

And its probably easier still to doctor the firmware on the disk drive
to do nasty things.  Who checks that???  (Eg. a random key written as
unprivileged user data could be a command to the firmware to do
something that violates security such as changing disk data or
divulging some secret.  This command key could even be written to disk
as the result of something relatively innocuous such as receiving
email or logging an HTTP transaction.)

-wolfgang


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]