duangsuse Puts

Forwarded from Deleted Account

[niconiconi] zerons: 其实是引申类比的

2 views02:14

duangsuse Puts

Forwarded from Deleted Account

[niconiconi] zerons: 本身不是一个真正的 Ring

2 views02:14

duangsuse Puts

Forwarded from Deleted Account

[zerons] @niconiconi: 硬盘控制器其实也可以做成一个包含这些功能的东西, 只要再插入一些硬件即可

2 views02:14

duangsuse Puts

Forwarded from Deleted Account

[niconiconi] zerons: 那这就是植入物理后门了

2 views02:14

duangsuse Puts

Forwarded from Deleted Account

[niconiconi] zerons: 而 ME 就是一个现成的（滑稽

2 views02:14

duangsuse Puts

Forwarded from Deleted Account

[persmule.y] agreed。

2 views02:14

duangsuse Puts

Forwarded from Deleted Account

[zerons] 差不多是的. 从软件的角度, 我们是可以控制整个硬盘的, 也就控制了整个用户系统

2 views02:14

duangsuse Puts

Forwarded from Deleted Account

[zerons] 那问题来了, 有哪些硬件厂商是可信的呢

2 views02:14

duangsuse Puts

Forwarded from Deleted Account

[niconiconi] zerons: 但就算控制了用户系统，那也是 Ring 0

3 views02:14

duangsuse Puts

Forwarded from Deleted Account

[zerons] @niconiconi: 效果其实差不多的吧, ring0能干的事, 用户的任何信息其实都能搞到的

3 views02:14

duangsuse Puts

Forwarded from Deleted Account

[zerons] 一台裸机, 里面有个RING-3的MINIX, 没有用户还是什么都干不了. 用户能操作也就RING0-3这些.

3 views02:14

duangsuse Puts

Forwarded from Deleted Account

[persmule.y] 图样。

3 views02:14

duangsuse Puts

Forwarded from Deleted Account

[niconiconi] zerons: 但区别就是，Ring 3 的攻击你可以检测出来，Ring 0 的攻击和你平级，原则上也可以加固系统降低攻击面，也可以审计出来；< Ring 0 的攻击完全在内核的控制范围之外

3 views02:14

duangsuse Puts

Forwarded from Deleted Account

[persmule.y] ring -3 可以直接调试你 ring 0 的内存。

3 views02:14

duangsuse Puts

Forwarded from Deleted Account

[persmule.y] 它还控制着网卡，可以直接把偷到的数据传出去，OS 完全无法察觉。

3 views02:14

duangsuse Puts

Forwarded from Deleted Account

[niconiconi] 入侵者是从更高维度的空间对你发起打击的，你毫无任何办法，可以参考科幻小说

3 views02:14

duangsuse Puts

Forwarded from Deleted Account

[CyrusYzGTt] 降维打击

3 views02:14

duangsuse Puts

Forwarded from Deleted Account

[zerons] 因为我目前对这个东西整体的结构还不清楚

3 views02:14

duangsuse Puts

Forwarded from Leonard Woo

https://en.wikipedia.org/wiki/Protection_ring

3 views02:14

duangsuse Puts

Forwarded from Deleted Account

[zerons] 但是之前对硬盘的固件是进行过处理的, 所以对那个固件的操作的影响还算比较清楚

3 views02:14

duangsuse Puts

Forwarded from Deleted Account

[niconiconi] zerons: 可以先看看以前基于 Ring -2 的研究 https://it.slashdot.org/story/15/08/07/1127222/researcher-exploits-18-year-old-design-flaw-to-compromise-x86-chips/

it.slashdot.org

Researcher Exploits 18-Year-Old Design Flaw To Compromise X86 Chips

jfruh writes: Security researcher Christopher Domas has demonstrated a method of installing a rootkit in a PC's firmware that exploits a feature built into every x86 chip manufactured since 1997. The rootkit infects the processor's System Management Mode…

3 views02:14

About

Blog

Apps

Platform