Security question (sort of)

From: Eric Smith <eric_at_brouhaha.com>
Date: Sat Mar 20 00:25:12 1999

Jason wrote:

> A virus planted by a hacker can damage hardware by "eating" at the chips,

I'm not a virus expert, but I am an experienced embedded systems programmer,
and have done some hardware design. That said, this claim sounds completely
ridiculous to me, on par with an urban legend. Care to explain this from a
electronics (or physics, or chemistry) point of view?

> or just scrambling the code in the chip.

In a flash BIOS, maybe, although that would be tend to be specific to a
certain motherboard. There's no general way to write a virus that can trash
the BIOS on any arbitrary motherboard, because unlike much of the
"PC standard", there is not a stanard for how the flash BIOS programming
works. Different motherboards use different types of flash chips that
have different programming requirements.

I've never yet heard of a virus doing this, although I'll concede that it is
possible. Decent motherboards require you to physically move a jumper in
order to enable programming the BIOS, to prevent exactly this kind of problem.

However, changing the BIOS such that the machine still booted but simply
didn't have INT 13 serial support wouldn't prevent all software from
using the serial port. Most software these days doesn't even bother to
go through the BIOS to access the ports, because (1) the BIOS interface
is incredibly lame, and (2) on some machines the BIOS functions don't even
work correctly.

> (I know someone (Ironically, it's the sister of the person that did this
> to my computer), who's keyboard controller chip got scrambled.

Sounds like a complete coincidence to me. Except for exotic (and fairly
expensive) keyboards, the firmware is in masked ROM inside a microcontroller,
and there is no way to modify it without physically replacing the chip.

Eric
Received on Sat Mar 20 1999 - 00:25:12 GMT