As if writing software without exploits is hard enough,
now we have the most popular computer architecture,
the Intel x86 line of CPUs,
with a potential hole large enough to drive the NSA through.
In a DEF CON talk,
Christopher Domas shows how he found an exploit on a particular version of the x86 CPU that allowed him to gain total control over the computer without the operating system even knowing about it.
All it involved is one undocumented instruction that enables access to a hidden CPU inside the x86 CPU
perhaps allow direct access to the underlying core that is simply interpreting the x86 ISA)
followed by multiple copies of an x86 instruction that actually feeds instructions directly to this inner CPU that bypass all system checks because this inner CPU has access to everything
(from user mode,
and if you understand that statement,
you know how bad it is).
this is only for a particular x86 implementation,
but who knows what evils lurk in the heart of CPUs?
Probably the NSA.
Obligatory Contact Info
You have my permission to link freely to any entry here. Go
ahead, I won't bite. I promise.
The dates are the permanent links to that day's entries (or
entry, if there is only one entry). The titles are the permanent
links to that entry only. The format for the links are
simple: Start with the base link for this site: http://boston.conman.org/, then add the date you are
interested in, say 2000/08/01,
so that would make the final URL:
You can also specify the entire month by leaving off the day
portion. You can even select an arbitrary portion of time.
You may also note subtle shading of the links and that's
intentional: the “closer” the link is (relative to the
page) the “brighter” it appears. It's an experiment in
using color shading to denote the distance a link is from here. If
you don't notice it, don't worry; it's not all that
It is assumed that every brand name, slogan, corporate name,
symbol, design element, et cetera mentioned in these pages is a
protected and/or trademarked entity, the sole property of its
owner(s), and acknowledgement of this status is implied.