Archive for August 2018

“God Mode” Backdoor

Some x86 CPUs have hidden backdoors that let you seize root by sending a command to an undocumented RISC core that manages the main CPU, security researcher Christopher Domas told the Black Hat conference here Thursday (Aug. 9).

The command — “.byte 0x0f, 0x3f” in Linux — “isn’t supposed to exist, doesn’t have a name, and gives you root right away,” Domas said, adding that he calls it “God Mode.”

The backdoor completely breaks the protection-ring model of operating-system security, in which the OS kernel runs in ring 0, device drivers run in rings 1 and 2, and user applications and interfaces (“userland”) run in ring 3, furthest from the kernel and with the least privileges. To put it simply, Domas’ God Mode takes you from the outermost to the innermost ring in four bytes.

“We have direct ring 3 to ring 0 hardware privilege escalation,” Domas said. “This has never been done.”

That’s because of the hidden RISC chip, which lives so far down on the bare metal that Domas half-joked that it ought to be thought of as a new, deeper ring of privilege, following the theory that hypervisors and chip-management systems can be considered ring -1 or ring -2.

“This is really ring -4,” he said. “It’s a secret, co-located core buried alongside the x86 chip. It has unrestricted access to the x86.”

The good news is that, as far as Domas knows, this backdoor exists only on VIA C3 Nehemiah chips made in 2003 and used in embedded systems and thin clients. The bad news is that it’s entirely possible that such hidden backdoors exist on many other chipsets.

Full read here.

https://github.com/xoreaxeaxeax/rosenbridge

More fuzzing:

https://github.com/xoreaxeaxeax/sandsifter

Breaking the x86 ISA

Fuzzing on Edison

Notes on Intel microcode

Drones, drones, drones. Our new overlords?

NASA is pursuing a program that integrates unmanned aircraft systems (UAS) into the National Airspace System, or UAS-NAS. This involves identifying, developing, and testing the technologies and procedures that will make it possible for UAS to have routine access to airspace occupied by human-piloted aircraft.

Four NASA centers support the UAS-NAS project: NASA’s Ames Research Center and Armstrong Flight Research Center in California, Langley Research Center in Virginia, and Glenn Research Center in Ohio.

The UAS-NAS project is within the Integrated Aviation Systems Research Program, managed by NASA’s Aeronautics Research Mission Directorate at NASA Headquarters in Washington, D.C.

The project uses modeling, simulations, and flight tests to develop and test technologies that provide safe, effective, secure capabilities including detect and avoid (DAA) and command and control (C2).

Read further here.

ADELPHI, Md. – U.S. Army unmanned weapons experts are negotiating with Lockheed Martin Corp. to develop high-power microwave (HPM) weapons payloads to enable new generations of unmanned aerial vehicles (UAVs) to destroy or disable enemy drones.

Officials of the Adelphi contracting division of the Army Contracting Command at Aberdeen Proving Ground, Md., announced plans Friday to negotiate sole-source with the Lockheed Martin Missiles and Fire Control division in Grand Prairie, Texas, on an HPM UAV weapons project.

Lockheed Martin engineers will develop high-powered-microwave airborne counter unmanned aircraft systems (CUAS), including the necessary development, integration, and support necessary to field HPM weapons-equipped UAVs.

Specifically, Army leaders want Lockheed Martin to develop HPM weapons and other kinds of UAV payloads able to disable or destroy adversary UAVs. Weapons payloads for UAVs that are under consideration include explosives, nets, entanglers, streamers, and high-powered-microwave systems.

High-power microwaves represent a class of non-lethal weapons designed to destroy or disable enemy electronic systems with jolts of powerful electrical energy. It can fry electronics in much the same way as the electromagnetic pulse (EMP) from a nuclear detonation can disrupt electronics.

Full article here.

WASHINGTON – Some of the most iconic weapons of the past 17 years of war are quickly becoming a relic of the past, top Air Force officials say. Breaking Defense reports. Continue reading original article

The Military & Aerospace Electronics take:

6 Aug. 2018 — The Air Force is rushing toward a mix of almost-ready and yet-to-be-developed technologies, including artificial intelligence (AI), cloud computing, hypersonics, drone swarms, and clouds of tiny cubesats capable of sucking up data and beaming it back down to operators the ground in real time.

After running red team exercises looking at what some of the biggest future challenges might be for the Air Force, leaders concluded that the Predator and Global Hawk unmanned aerial vehicles (UAVs) of today are not far away from becoming mere museum pieces.

Not only does the Air Force want to get its people away from staring at computer screens to recognize, interpret, and identify what they’re seeing, but also seeks to develop processing and exploitation at the sensor. [from M&AE]