|Hacker finds hidden 'god mode' on old x86 CPUs|
|By Thom Holwerda, submitted by Kochise on 2018-08-11 16:25:47|
Some x86 CPUs have hidden backdoors that let you seize root by sending a command to an undocumented RISC core that manages the main CPU, security researcher Christopher Domas told the Black Hat conference here Thursday (Aug. 9).
The command - ".byte 0x0f, 0x3f" in Linux - "isn't supposed to exist, doesn't have a name, and gives you root right away," Domas said, adding that he calls it "God Mode."
The backdoor completely breaks the protection-ring model of operating-system security, in which the OS kernel runs in ring 0, device drivers run in rings 1 and 2, and user applications and interfaces ("userland") run in ring 3, furthest from the kernel and with the least privileges. To put it simply, Domas' God Mode takes you from the outermost to the innermost ring in four bytes.
That's one hell of a bug.
- How China used a tiny chip to infiltrate US companies - 2018-10-04
- Lenovo: Companies working in China install local backdoors - 2018-09-19
- Dozens of iOS, Android apps secretly share location data - 2018-09-10
- US, others ask companies to build backdoors into encryption - 2018-09-06
- More related articles