An Effort Making An Open-Source Radeon Video BIOS
I think that open source firmware for network cards is at this moment more desirable. If the firmware in a network card has a security bug, the whole PC can become fully controlled by an attacker.
Quote from first Link:
I've finally found some time to study Loic Duflot's and Yves-Alexis Perez's recent presentation from the last month on remotely attacking network cards. You can get the slides here.
In short, they're exploiting a buffer overflow in the network card's firmware by sending malicious packets to the card, and then they gain full control over the card's firmware, so they can e.g. issue DMA to/from the host memory, effectively fully controlling the host (that's another example of "Ring -3 rootkit" I would say). The buffer overflow is in some exotic management protocol (that I think is disabled by default, but that's irrelevant) implemented by the NIC's firmware (the NIC has its own RISC processor, and memory, and stack, which they overflow, etc.).
Comment
-
Originally posted by mmstick: Why should the community care about someone's overzealous 'philosophy'; that sounds ridiculously absurd. There is nothing subjective about this. If there is no practical use for something, then it is worthless whether you agree with it or not.
Something 'cool' can't really come of this since it's just a simple BIOS that anyone could hack themselves. It's not like untapped potential is hidden in GPU BIOS's. Hardware is released with BIOS's that make full use of all their capabilities as is. Motherboard BIOS's are the only thing that would be worthy of looking into since they handle a much more significant portion of control over hardware in the system (like RAM models, timings, CPU support, etc).
It does what firmware is supposed to do, which involves controlling all the components inside the GPU. If there were really such 'broken things' as you say there are, then why don't we see these 'broken things' on Windows? The very fact that BIOS updates are never given for GPUs is a testament that such things don't happen. The only 'broken things' I see on Linux are graphics drivers and proper OpenGL libraries.
Comment
-
Quote from first link:
I've finally found some time to study Loic Duflot's and Yves-Alexis Perez's recent presentation from the last month on remotely attacking network cards. You can get the slides here.
In short, they're exploiting a buffer overflow in the network card's firmware by sending malicious packets to the card, and then they gain full control over the card's firmware, so they can e.g. issue DMA to/from the host memory, effectively fully controlling the host (that's another example of "Ring -3 rootkit" I would say). The buffer overflow is in some exotic management protocol (that I think is disabled by default, but that's irrelevant) implemented by the NIC's firmware (the NIC has its own RISC processor, and memory, and stack, which they overflow, etc.).
"Can you still trust your network card?" by Loïc Duflot, Yves-Alexis Perez, Guillaume Valadon, Olivier Levillain.
Comment
-
Originally posted by oliver: If anybody could just 'hack it themselves' then it would have been long done. Look at your history, RadeonHD driver, where it was proposed to use the registers directly without Atombios. RadeonHD didn't evolve vast enough (much harder) and people didn't really care for it. But that's with a lot of things in life, usually things that are 'better', be it technically or ethically, get little support. Sad, but true.
Ok that's just the most stupidest answer here. Because they do work around in their catalyst drivers? DUH. Really. Duh. They can re-implement the entire bios in software to fix anything simply because a) they know how the hardware works, b) know what to expect from the bios and if not, do it in software anyway.
Comment
-
Originally posted by mmstick: It does what firmware is supposed to do, which involves controlling all the components inside the GPU. If there were really such 'broken things' as you say there are, then why don't we see these 'broken things' on Windows? The very fact that BIOS updates are never given for GPUs is a testament that such things don't happen. The only 'broken things' I see on Linux are graphics drivers and proper OpenGL libraries.
As a man who patched VBIOSes in his cards for various reasons, including inadequate defaults, on his Windows-running PCs as long as 10 years ago, I can tell that you don't know what you're blabbering about.
PS: and "the very fact that BIOS updates are never given for GPUs is a testament that" VBIOS updates are easy to fuck up, not highly necessary to run the card at all (like with MB BIOS'es and their CPU support) and VBIOS faults are more easily worked-around with proprietary driver updates that override them.
Originally posted by mmstick: All communications have to go through this BIOS, else there wouldn't be much point in making a BIOS
Originally posted by mmstick: Do you really think multibillion dollar companies would have their products running on dysfunctional BIOSs?
Comment
-
I think that open source firmware for network cards is more desired, because it could be more secure. If the firmware is vulnerable then everybody could remotely get into the PC. Quote from first link:
I've finally found some time to study Loic Duflot's and Yves-Alexis Perez's recent presentation from the last month on remotely attacking network cards. You can get the slides here.
In short, they're exploiting a buffer overflow in the network card's firmware by sending malicious packets to the card, and then they gain full control over the card's firmware, so they can e.g. issue DMA to/from the host memory, effectively fully controlling the host (that's another example of "Ring -3 rootkit" I would say). The buffer overflow is in some exotic management protocol (that I think is disabled by default, but that's irrelevant) implemented by the NIC's firmware (the NIC has its own RISC processor, and memory, and stack, which they overflow, etc.).
Read more there:
Article: "Remotely Attacking Network Cards (or why we do need VT-d and TXT)" Author: Joanna Rutkowska
Presentation: "Can you still trust your network card?" Authors: Loïc Duflot, Yves-Alexis Perez, Guillaume Valadon, Olivier Levillain.
Last edited by coastiron; 28 July 2013, 07:32 AM.
Comment
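The article quoted above names VT-d as the control that keeps DMA from a compromised NIC away from host memory. As an added example (not part of any post in this thread), this shell function checks on a Linux host whether each physical network interface sits in an IOMMU group; the function name `nic_iommu_report` is hypothetical, and the sysfs root is a parameter so it can also be run against a constructed tree.

```shell
#!/bin/sh
# Added example: audit whether NIC DMA is mediated by an IOMMU (e.g. VT-d).
# Usage on a live Linux host:  nic_iommu_report /sys
# Returns non-zero if any bus-attached NIC can DMA without restriction.

nic_iommu_report() {
    root=${1:-/sys}
    exposed=0
    for ifdir in "$root"/class/net/*; do
        [ -e "$ifdir" ] || continue
        ifname=${ifdir##*/}

        # Virtual interfaces (lo, bridges, veth) have no backing bus device.
        if [ ! -e "$ifdir/device" ]; then
            echo "$ifname: virtual"
            continue
        fi

        grp="$ifdir/device/iommu_group"
        if [ ! -L "$grp" ]; then
            # No IOMMU driver manages this device: DMA uses raw addresses.
            echo "$ifname: no iommu_group, DMA is not remapped"
            exposed=$((exposed + 1))
            continue
        fi

        id=$(readlink "$grp")
        id=${id##*/}

        # The per-group 'type' file exists only on newer kernels.
        # "identity" means passthrough: a group exists but DMA is 1:1.
        gtype=unknown
        if [ -r "$grp/type" ]; then
            read -r gtype < "$grp/type"
        fi

        if [ "$gtype" = "identity" ]; then
            echo "$ifname: iommu_group $id (identity), DMA is not restricted"
            exposed=$((exposed + 1))
        else
            echo "$ifname: iommu_group $id ($gtype)"
        fi
    done
    [ "$exposed" -eq 0 ]
}
```

A group with type `unknown` only shows that the kernel did not expose the `type` file; confirm the translation mode from the boot parameters and kernel log in that case.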
-
Originally posted by mmstick: It does what firmware is supposed to do, which involves controlling all the components inside the GPU. If there were really such 'broken things' as you say there are, then why don't we see these 'broken things' on Windows? The very fact that BIOS updates are never given for GPUs is a testament that such things don't happen. The only 'broken things' I see on Linux are graphics drivers and proper OpenGL libraries.
Comment
-
Originally posted by mmstick: What's the point?
Still, even knowing this, it still seems like a waste of time to me. The price differences between such models are negligible considering the cost in man-hours of a person skilled enough to pull something like this off. A person this skilled in disassembling machine code could work on something like Nouveau where his contribution would matter to millions. Or maybe help bridging the gap between the open source AMD drivers and the closed source ones.
Comment