23 Aug
2006
23 Aug
'06
6:06 p.m.
Don stated
And you have to ensure that there is *no* way the user
can
execute code *before* your interpreter/virtual machine/etc.
gains control of the CPU. I.e., at the very least, you
need physical control over the machine. This isnt possible
in all cases (e.g., a consumer device!)
You can make it very difficult, though.
The X-box uses cryptographic hashes, the AS/400 uses completely undocumented (in the
public sphere)
hardware instructions.
23 Aug
23 Aug
7:44 p.m.
On Wednesday 23 August 2006 21:06, Scott Quinn wrote:
Don stated
For the AS/400, it's *used to*... Newer AS/400 and iSeries boxes use PowerPC
microprocessors, for which the ISA documentation is readily available. You
may not be able to easily execute PowerPC instructions under OS/400 (or iOS),
but you can also run Linux on them now (which IBM even supports).
Well, and it's fairly easy to defeat the old X-box's security if you want to
spend some $$$ on a kit and time with a soldering iron (or have the right
game with a buffer overflow vulnerability :).
Pat
--
Purdue University ITAP/RCAC --- http://www.rcac.purdue.edu/
The Computer Refuge --- http://computer-refuge.org
And you have to ensure that there is *no* way the
user can
execute code *before* your interpreter/virtual machine/etc.
gains control of the CPU. I.e., at the very least, you
need physical control over the machine. This isnt possible
in all cases (e.g., a consumer device!)
You can make it very difficult, though.
The X-box uses cryptographic hashes, the AS/400 uses completely
undocumented (in the public sphere) hardware instructions. 
8:12 p.m.
On 8/23/2006 at 10:44 PM Patrick Finnegan wrote:
Well, and it's fairly easy to defeat the old
X-box's security if you want
to
spend some $$$ on a kit and time with a soldering iron (or have the right
game with a buffer overflow vulnerability :).
...and then there's the endless firmware-upgrade-and-crack game as played
with the Sony PSP.
--Chuck
8:27 p.m.
Scott Quinn wrote:
Don stated
I just don't let them inside the case! :>
And you have to ensure that there is *no* way the
user can
execute code *before* your interpreter/virtual machine/etc.
gains control of the CPU. I.e., at the very least, you
need physical control over the machine. This isnt possible
in all cases (e.g., a consumer device!)
You can make it very difficult, though.
The X-box uses cryptographic hashes, the AS/400 uses completely undocumented (in the
public sphere)
hardware instructions.
6695
days inactive
6695
days old
3 comments
4 participants
participants (4)
-
cclist@sydex.com -
compoobah@valleyimplants.com -
pat@computer-refuge.org -
THX1138@dakotacom.net