Slashdot Mirror

← Back to Stories (view on slashdot.org)

Kaspersky To Demo Attack Code For Intel Chips

Posted by ScuttleMonkey on from the also-releasing-a-paint-by-number dept.

snydeq writes "Kris Kaspersky will demonstrate how attackers can target flaws in Intel microprocessors to remotely attack a computer using JavaScript or TCP/IP packets, regardless of OS. The demo will be presented at the Hack In The Box Security Conference in Kuala Lumpur in October and will show how processor bugs can be exploited using certain instruction sequences and a knowledge of how Java compilers work, allowing an attacker to take control of the compiler. The demonstrated attack will be made against fully patched computers running a range of OSes, including Windows XP, Vista, Windows Server 2003, Windows Server 2008, Linux, and BSD. An attack against a Mac is also a possibility."

36 of 303 comments (clear)

  1. Heh... by pushing-robot · · Score: 5, Funny

    At least I know I'm safe because I run... Oh, crap.

    --
    How can I believe you when you tell me what I don't want to hear?
    1. Re:Heh... by mjs_ud · · Score: 3, Funny

      Time to pull the ethernet cable out. Would someone like to send me the slashdot articles via USPS? There aren't any potential problems with that solution are there? Wait...please send anthrax free too.

      --
      return EXIT_SUCCESS;
    2. Re:Heh... by phorm · · Score: 5, Funny

      At least I know I'm safe because I run...

      AMD?

    3. Re:Heh... by Kamineko · · Score: 2, Funny

      An Amiga? :)

    4. Re:Heh... by Anonymous Coward · · Score: 2, Funny

      Transmeta?

      Via?

      Sparc?

    5. Re:Heh... by Darkness404 · · Score: 1, Funny

      There aren't any potential problems with that solution are there?

      Except if you want them to arrive on time, have friendly support, sort through them getting lost in the mail and the rest of the joys that our government has imposed on us.

      --
      Taxation is legalized theft, no more, no less.
    6. Re:Heh... by Kamineko · · Score: 4, Funny

      Cut it out! No amount of magic spells are going to mitigate this damage!

    7. Re:Heh... by cleatsupkeep · · Score: 2, Funny

      At least I know I'm safe because I run... Oh, crap.

      I'm sure AMD fans will make a point that they are protected in this case.

      But on the flip side, they run AMD. :-).

    8. Re:Heh... by mweather · · Score: 5, Funny

      Sure, if you run the host computer with an AMD chip. But that would be silly.

    9. Re:Heh... by mweather · · Score: 2, Funny

      You haven't used UPS, FedEx or DHL recently, have you?

    10. Re:Heh... by jimbolauski · · Score: 5, Funny

      My Chinese knockoff fentium processor will be safe.

      --
      Knowledge = Power
      P= W/t
      t=Money
      Money = Work/Knowledge so the less you know the more you make
    11. Re:Heh... by elrous0 · · Score: 4, Funny

      For the first time in a two years, I'm actually glad I went with AMD.

      --
      SJW: Someone who has run out of real oppression, and has to fake it.
    12. Re:Heh... by XnavxeMiyyep · · Score: 2, Funny

      We still do have competition. UPS, FedEx, etc. The government just supplies a cheap alternative that people elect to use.

      --
      I put the 't' in electrical engineering.
    13. Re:Heh... by Anonymous Coward · · Score: 1, Funny

      Yes, yes yes. In fact, every tick of the clock cycle of an Intel chip is like a turd falling into my DRINK. I couldn't be bothered with that bunch of crap either, not to mention it makes for a very nasty drink. Very, very nasty.

  2. That's Nothing, This November I'm Going To... by ergo98 · · Score: 5, Funny

    ...demonstrate how you can make a 1GW fusion reactor out of nothing but a sweaty gym sock and the corpse of a field mouse.

    No, seriously. 100%. Cross my heart.

    1. Re:That's Nothing, This November I'm Going To... by Yvan256 · · Score: 3, Funny

      Macgyver is that you?

    2. Re:That's Nothing, This November I'm Going To... by Anonymous Coward · · Score: 1, Funny

      Show me this field mouse. What kind of 'field' was the mouse in? Define sweaty and also sock. Gym had better have a refined definition also. I trust you on the rest. No, really. 100%. Cross my heart.x

    3. Re:That's Nothing, This November I'm Going To... by Thelasko · · Score: 5, Funny

      I'd be more impressed if you demonstrated a working 86 Ford Escort.

      --
      One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
  3. GNU Hurd Wins Again by y86 · · Score: 4, Funny

    It's OK I run hurd.

    1. Re:GNU Hurd Wins Again by jamieswith · · Score: 3, Funny

      Yeah, you have nothing to worry about - not even the virus writers make programs for hurd!

  4. java: write once... by Anonymous Coward · · Score: 3, Funny

    ...hack everywhere

  5. Don't worry. . . by Zenaku · · Score: 2, Funny

    I'm sure Intel will release a patch. ;)

    --
    If fate makes you a motorcycle, you become a motorcycle.
    1. Re:Don't worry. . . by ymail.com · · Score: 4, Funny

      If Intel doesn't release that hardware patch, it's time to go play in another Sandbox.

      Or else go back to 1999 where Pentium III machines with Intel's processor ID enabled in CMOS enable shoppers to have an "enhanced online experience" while they run IE 4.01 from Windows machines that aren't behind a firewall ... to safely prove who they are to websites.

  6. Re:Java or Javascript? by xzaph · · Score: 3, Funny

    Obviously, it's Javascript implemented in Java.

  7. That's it... by Thelasko · · Score: 4, Funny

    no amount of tinfoil can protect me from this exploit. Only one thing left to do...

    *unplugs ethernet adapter*
    [NO CARRIER]

    --
    One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
    1. Re:That's it... by ColdWetDog · · Score: 2, Funny

      *unplugs ethernet adapter*
      [NO CARRIER]

      Hate to break the news to you, but that "ethernet" cable you unplugged was a phone cord leading to a modem. And you thought you had broadband ...

      But you can't hear me now, can you?

      --
      Faster! Faster! Faster would be better!
    2. Re:That's it... by db32 · · Score: 2, Funny

      I'm currious what kind of ethernet adapter uses a carrier. I mean, modems do, because they MOdulate and DEModulate a signal with a [CARRIER] and with [NO CARRIER] the MO-DEM fails. Of course, it could be that you are safe from this exploit by using this new fangled ethernet adapter and don't need to unplug.

      --
      The only change I can believe in is what I find in my couch cushions.
  8. Publicly available? by AlHunt · · Score: 3, Funny

    "I'm going to show real working code...and make it publicly available," Kaspersky said,

    Indeed. And are you going to make patches publicly available for all the hardware and operating systems in the world, too?

    --
    1 in 4 Maine children in struggle with hunger.
  9. SPARC machines running Solaris are safe! by Anonymous Coward · · Score: 1, Funny

    That's right. Another pro for Sun machines.

  10. Wait as second... by djsath · · Score: 1, Funny

    I thought it was the year of the Linux desktop

  11. Plan 9 baby by Bananatree3 · · Score: 3, Funny

    I run Hurd through an emulator on a Plan 9 box. hack that!

  12. Im sure his Anti Virus will stop it :) by Jackie_Chan_Fan · · Score: 2, Funny

    And slow windows to a crawl.

  13. Re:They may by hostyle · · Score: 2, Funny

    If this can consistently crash my computer regardless of OS or browser, I'd sure as hell update my BIOS.

    This is a big deal.

    I guess they'll be calling it the Ron Burgundy exploit.

    --
    Caesar si viveret, ad remum dareris.
  14. Discovery channel by Mathness · · Score: 5, Funny

    As seen on today's TV schedule for Discovery

    Now showing: Intel, when code attacks.
    Next show: Lasers.
    Next week: Shark week.

    --
    Carbon based humanoid in training.
  15. double u tee eff by azzuth · · Score: 2, Funny

    The only thing I got from that was "slave drone troll" So I'll assume you are speaking in trollish, and a dialect I'm not familar with. At any rate, I was wondering if you would be so kind as to give me your bank account number, as I have a large sum of money that I need to secure for this prince friend of mine...

  16. Jesus saves and takes no damage (evasion) by Anonymous Coward · · Score: 1, Funny

    > Cut it out! No amount of magic spells are going to mitigate this damage!

    Yeah, you need a saving throw to do that.