Pentium Computers Vulnerable to Attack?

An anonymous reader writes "One of the latest security scares is coming from security experts at CanSecWest/core '06 in the form of a possible hardware-specific attack. The attack is based on the built-in procedure that Pentium based chips use when they overheat. From the article: 'When the processor begins to overheat or encounters other conditions that could threaten the motherboard, the computer interrupts its normal operation, momentarily freezes and stores its activity, said Loïc Duflot, a computer security specialist for the French government's Secretary General for National Defense information technology laboratory. Cyberattackers can take over a computer by appropriating that safeguard to make the machine interrupt operations and enter System Management Mode, Duflot said. Attackers then enter the System Management RAM and replace the default emergency-response software with custom software that, when run, will give them full administrative privileges.'"

the sky is falling

physical access means the h4x0rs can take over your computer now, news at 11.

Security Experts Untie!

[AKAImBatman]

I am so glad that we have legions of Security Experts to protect us against every possible Rube Goldberg attack out there. Thanks to their tireless commitment to security, I can sleep safer at night by knowing that no one will take a blowtorch to my processor, install custom software, and then override the security safeguards that they could have gotten through by booting into safe mode. These people are truly a God-send. </sarcasm>

Good Times

[allanc]

Remember that old Good Times virus hoax? People who were In The Know knew that it was a hoax because it claimed that, just by opening it, it could physically destroy your computer.

Then a few years later, Microsoft brought us Outlook with automatic attachment opening, making the first part possible, and now Intel has given us the potential for the second part.

Good Times apparently wasn't a hoax, it was just ahead of its times. :)

Sensationalist

[MobyDisk]

This attack would already require the malicious software to already be running on the machine and already have super-user access. Once you get there, it doesn't matter. The attack is worthless. Unfortunately, the article is short on details - so you can't tell if there is nothing to see, or if the report is just bad. I suspect there is nothing to see.

Along a similar vein, I have developed a martial art where I can kill anyone in one blow. It requires that my opponent is already tied-up, asleep, and I have a gun.

In other news...

[endrue]

Pentium computers are vulnerable to baseball bats!

Seriously, if they have access then you are screwed anyways...

- Andrew

Good thing macs aren't vulnerable.

[numbski]

Whoo, I'm safe!

# machine
i486

Well, crap. :P

I'm Safe

[Waffle+Iron]

It's a good thing I run an old Athlon. This chip has a simple overheat handling procedure: just emit good old-fashioned smoke.

Not only do you receive a convenient olfactory signal to alert you to the situation, but you also avoid security breaches brought on by overly complex thermal management.

All Pentiums also vulnerable to DoS

[throx]

ALERT!

Pentium based machines are also vulnerable to a denial of service attack from a hacker with physical access to the machine and in the possession of a large axe. Should the attacker be wielding a pair of axes (one in each hand) then the attack would constitute a distributed denial of service.

Re:Aren't you already screwed?

[gfody]

you mean Chloe O'Brian did it while you were electrocuting president logan's nipples with a busted lamp