|
|
Post by the light works on Oct 23, 2014 18:43:45 GMT
so you can, as long as it is not a modern home computer... If you can break stuff that's connected via something as (supposedly) secure as a computer in a nuclear plant, I think it would be much easier to do it with a home computer. I think you'll find that the people behind this just aren't interested in breaking Mrs. Johnson's printer... a PLC is an industrial control computer. yes, it has the potential to use up something more substantial than an ink cartridge or a ream of paper; but the PLC itself is not damaged, unless they find a way to actually cause it to crash a machine into itself. |
|
|
|
Post by GTCGreg on Oct 23, 2014 18:44:03 GMT
Stuxnet virus, well technically it was a worm, was introduced into networked computers in Iran. Once any networked computer was infected, it was designed to find any centrifuge PLC's (Programmable Logic Controllers) connected to the network and cause them to overspeed and destroy the centrifuges. It was believed that over 1/5 of all Iran's centrifuges were physically destroyed by the virus.
|
|
|
|
Post by wvengineer on Oct 24, 2014 2:05:45 GMT
|
|
|
|
Post by GTCGreg on Oct 24, 2014 2:21:40 GMT
Just because the virus came in the form of an update from MS, doesn't mean it's still not a virus. I have a USB to MIDI adapter cable. I have no idea what kind of uart chip is in it nor should I. If it gets bricked because of a Windows update, I'm gonna be pretty POed. |
|
|
|
Post by the light works on Oct 24, 2014 4:16:13 GMT
Just because the virus came in the form of an update from MS, doesn't mean it's still not a virus. I have a USB to MIDI adapter cable. I have no idea what kind of uart chip is in it nor should I. If it gets bricked because of a Windows update, I'm gonna be pretty POed. some people claim that windows is a virus, but other people point out that viruses are malicious software designed to cause problems - which means windows is a bug. |
|
|
|
Post by silverdragon on Oct 24, 2014 8:35:54 GMT
You know how funny that is to a software developer, right?...
And its kinda true as well.
Now we have to define what is a Virus.
First its UNWANTED software that was not downloaded by choice.
Which could also be used to look at certain Wind-bodge updates?...
It has then to be harmful to the end users interests... again, certain wondows updates.
It has to be downloaded without consent.....
And that is definite of certain "Cardspace" type wonkywoes updates that have no use to many people.
It has to harm the computer, which windows search 4 does, because of its continual indexing of all drives, it overloads the CPU and can cause expressive unwarranted wear on read-write parts.
Damn, I aint doing very well with this definition am I?....
But anyway, Viruses are not to be confused with Software where Software is user controlled and user selected software.
I have something that does a deep search and destroy of junk files...
if used wrong, I can brick the operating system in a way that could be harmful to the computer.
I also have a destroy system that can overwrite a file many times beyond the capabilities of recovery by any know software on this planet at this time....
Use that to overwrite a couple of dozen gigabyte files on maximum wipe, and it will overheat the hard drive... bricked.....
(It has a background wipe ability that monitors the health of S.M.A.R.T drives and keeps an eye on heat....)
So user controlled software?... confirmed, I can kill a computer with relative ease.
Does Viruses and other unwanted software have the ability to do that?.. myth barely plausible at this moment verging on I dont believe it can without some form of user consent, on a fully protected system, I believe not plausible.
|
|
|
|
Post by c64 on Oct 24, 2014 11:44:29 GMT
The question can be narrowed down to "Can software damage or destroy the hardware of a computer?" Yes, it can! In early computing, you could cause tremendous physical damage to a computer. Driving the R/W heads of old HDD systems with a specific frequency could make the HDD crash. This grinds off the top layer of the disc causing physical damage. In the early HDD systems, you could replace the discs since it wasn't that uncommon that those things crash on their own. But you could also rattle the system so violently that the expensive mechanics of the HDD station breaks or even make the entire heavy unit trip over!   Of course, the operator would instantly shut it down when it starts to make creepy noises. But even the "microcomputers" for office desks and as home computers could be physically damaged. The manual how to program EGA graphics tells you numerous times to shut down the screen before changing the video mode. I f you don't and switch the graphic mode rapidly, high line frequencies are generated and those feed the HV transformer. Either the transformer burns out or the CRT arcs and the entire monitor can catch on fire. Even the C64 could be damaged. Just switch the Joystick ports to output and then let the user wiggle the Joystick to burn out the I/O chip by causing short circuits. The next generation of the "PET" (CBM 2000 series) also had a problem. Since this was the first wildly used office and home computer, this "hack" became famous as the "Killer POKE": en.wikipedia.org/wiki/Killer_pokeBut even modern systems can be affected. The BIOS can be upgraded by software. Overwriting the BIOS with garbage "bricks" the computer, you need to replace the physical chip in order to "unbrick" it. In the latest systems, a "shadow BIOS" is used and the chips are directly soldered to the board because if the regular update fails, the backup BIOS is used and you can try again flashing the BIOS. But by uploading data which seems to be a valid BIOS, the shadow BIOS won't kick in and the fake BIOS does nothing except e.g. mocking you with messages instead of booting your computer. You can slow down or even stop the fans to reduce the lifetime of a computer by overheating. Even Smartphones can be destroyed easily, this usually happens during "jailbreaks". The most famous "hardware damaging virus" is the computer worm Stuxnet: en.wikipedia.org/wiki/Stuxnetso you can, as long as it is not a modern home computer... Especially if it is one. Just "upgrade" the BIOS (or EFI) and you need very special tools to fix it. |
|
|
|
Post by the light works on Oct 24, 2014 12:28:22 GMT
You know how funny that is to a software developer, right?... And its kinda true as well. Now we have to define what is a Virus. First its UNWANTED software that was not downloaded by choice. Which could also be used to look at certain Wind-bodge updates?... It has then to be harmful to the end users interests... again, certain wondows updates. It has to be downloaded without consent..... And that is definite of certain "Cardspace" type wonkywoes updates that have no use to many people. It has to harm the computer, which windows search 4 does, because of its continual indexing of all drives, it overloads the CPU and can cause expressive unwarranted wear on read-write parts. Damn, I aint doing very well with this definition am I?.... But anyway, Viruses are not to be confused with Software where Software is user controlled and user selected software. I have something that does a deep search and destroy of junk files... if used wrong, I can brick the operating system in a way that could be harmful to the computer. I also have a destroy system that can overwrite a file many times beyond the capabilities of recovery by any know software on this planet at this time.... Use that to overwrite a couple of dozen gigabyte files on maximum wipe, and it will overheat the hard drive... bricked..... (It has a background wipe ability that monitors the health of S.M.A.R.T drives and keeps an eye on heat....) So user controlled software?... confirmed, I can kill a computer with relative ease. Does Viruses and other unwanted software have the ability to do that?.. myth barely plausible at this moment verging on I dont believe it can without some form of user consent, on a fully protected system, I believe not plausible. you know that's who I got that joke from, right? |
|
|
|
Post by the light works on Oct 24, 2014 12:29:57 GMT
so you can, as long as it is not a modern home computer... Especially if it is one. Just "upgrade" the BIOS (or EFI) and you need very special tools to fix it. my brother is the computer expert of the family, not me, but from my limited understanding, "need special tools to fix it" falls just a smidgen short of "not fixable" |
|
|
|
Post by GTCGreg on Oct 24, 2014 14:26:20 GMT
Just because the virus came in the form of an update from MS, doesn't mean it's still not a virus. I have a USB to MIDI adapter cable. I have no idea what kind of uart chip is in it nor should I. If it gets bricked because of a Windows update, I'm gonna be pretty POed. some people claim that windows is a virus, but other people point out that viruses are malicious software designed to cause problems - which means windows is a bug. The update in question wasn't developed by Microsoft. It was a driver update written by the company that manufactured the specific chip in question. If the update was solely written to enhance features or performance of their product and had the unintended consequence of bricking the bootlegged chips, then that's fine. But if a specific part of the updated code was only there to disable the products using the bootlegged chip, as the linked article would suggest, then it was a virus and Microsoft is guilty of distributing it as such. hackaday.com/2014/10/22/watch-that-windows-update-ftdi-drivers-are-killing-fake-chips/ |
|
|
|
Post by silverdragon on Oct 24, 2014 14:34:44 GMT
Thats getting into the area of home build computing.
If I buy an MSI board and insert a ATI chip thats my choice............. isnt it?.....
If they then put out a motherboard update that disables the chipset, then they have broken contract.
|
|
|
|
Post by GTCGreg on Oct 24, 2014 14:59:00 GMT
Thats getting into the area of home build computing. If I buy an MSI board and insert a ATI chip thats my choice............. isnt it?..... If they then put out a motherboard update that disables the chipset, then they have broken contract. No, not necessary just homebuilt. Many of the products that are being bricked are off-the-shelf purchased products. The users have no idea what kind of chip is in it. All they know is they bought a device to do a specific job, and then along comes an update that was specifically designed to permanently render that device inoperable. In other words, destroy the hardware. |
|
|
|
Post by wvengineer on Oct 25, 2014 0:05:14 GMT
Apparently, the company who made the driver in question is pulling it. hardware.slashdot.org/story/14/10/24/1330252/ftdi-removes-driver-from-windows-update-that-bricked-cloned-chipsWhat I am reading is that there are a number of legal issues here. It is one thing to have a driver that won't work with a device, but in a number of countries, it is considered unauthorized modification of computer hardware and is illegal. Basically they are intentionally breaking equipment they do not own. I also wonder if Microsoft put some pressure on them as well. They likely do not want to be in the middle of a potential legal minefield. They could get sucked in as an accomplice for delivery. MS may have its reputation, but I doubt they want to be seen as the portal that enabled people hardware to be damaged. |
|
|
|
Post by GTCGreg on Oct 25, 2014 2:17:56 GMT
Apparently, the company who made the driver in question is pulling it. hardware.slashdot.org/story/14/10/24/1330252/ftdi-removes-driver-from-windows-update-that-bricked-cloned-chipsWhat I am reading is that there are a number of legal issues here. It is one thing to have a driver that won't work with a device, but in a number of countries, it is considered unauthorized modification of computer hardware and is illegal. Basically they are intentionally breaking equipment they do not own. I also wonder if Microsoft put some pressure on them as well. They likely do not want to be in the middle of a potential legal minefield. They could get sucked in as an accomplice for delivery. MS may have its reputation, but I doubt they want to be seen as the portal that enabled people hardware to be damaged. Legalities may have played a roll, but there seems to be be a large backlash from the computer community that also seems to be at play in questioning the ethics of a company that would do such a thing. |
|
|
|
Post by the light works on Oct 25, 2014 5:57:13 GMT
Apparently, the company who made the driver in question is pulling it. hardware.slashdot.org/story/14/10/24/1330252/ftdi-removes-driver-from-windows-update-that-bricked-cloned-chipsWhat I am reading is that there are a number of legal issues here. It is one thing to have a driver that won't work with a device, but in a number of countries, it is considered unauthorized modification of computer hardware and is illegal. Basically they are intentionally breaking equipment they do not own. I also wonder if Microsoft put some pressure on them as well. They likely do not want to be in the middle of a potential legal minefield. They could get sucked in as an accomplice for delivery. MS may have its reputation, but I doubt they want to be seen as the portal that enabled people hardware to be damaged. Legalities may have played a roll, but there seems to be be a large backlash from the computer community that also seems to be at play in questioning the ethics of a company that would do such a thing. which then leaves the question of how long that company will continue to exist. |
|
|
|
Post by c64 on Oct 25, 2014 9:50:04 GMT
It was believed that over 1/5 of all Iran's centrifuges were physically destroyed by the virus. Actually not. If the centrifuges would have been damaged, Iran would have noticed this pretty quickly and pull the plug. The beauty was that the centrifuges ran slightly too fast and too slow so that everything looked normal (according to the readings) but those things didn't produce any useful material for more than a year. |
|
|
|
Post by silverdragon on Oct 25, 2014 9:57:44 GMT
Going to the update killing machines part, forced to support a chipset that you didnt make, or supporting your own.
Hmmmm......
I know the people bought "In good faith", but how long is a duty of care when its found that you bought them off someone who duped you?.
If you have unwittingly bought something that is fake, do you not have the right to return to the vender and demand compensation, retribution, etc?....
I just throw this in for devils advocate.
|
|
|
|
Post by GTCGreg on Oct 25, 2014 12:48:11 GMT
It was believed that over 1/5 of all Iran's centrifuges were physically destroyed by the virus. Actually not. If the centrifuges would have been damaged, Iran would have noticed this pretty quickly and pull the plug. The beauty was that the centrifuges ran slightly too fast and too slow so that everything looked normal (according to the readings) but those things didn't produce any useful material for more than a year. That would make more sense but I was going by the Wikipedia article on Stuxnet that said "...causing the fast-spinning centrifuges to tear themselves apart." That sounds like the centrifuges were damaged. Of course, Wikipedia has been known to be wrong in the past. en.wikipedia.org/wiki/Stuxnet |
|
|
|
Post by the light works on Oct 25, 2014 15:02:10 GMT
Actually not. If the centrifuges would have been damaged, Iran would have noticed this pretty quickly and pull the plug. The beauty was that the centrifuges ran slightly too fast and too slow so that everything looked normal (according to the readings) but those things didn't produce any useful material for more than a year. That would make more sense but I was going by the Wikipedia article on Stuxnet that said "...causing the fast-spinning centrifuges to tear themselves apart." That sounds like the centrifuges were damaged. Of course, Wikipedia has been known to be wrong in the past. en.wikipedia.org/wiki/Stuxnetthat is what happens when you allow just anyone to trite your material. |
|
|
|
Post by c64 on Oct 25, 2014 18:12:48 GMT
Well "damage" is much more satisfying and also more logical for the average people.
But damage is obvious and fixing the equipment would just cost money. Production isn't delayed by much. But if they don't get any product for no apparent reason, this is time consuming and causes a major delay.
I wonder if we ever find out who came up with this little critter. Either a large community of "enthusiasts" or a nation state paying a lot of money for the best hackers they could find and then make sure nobody feels the need to talk. I highly doubt that this was made in the USA since those projects all came out sooner or later by "whistle-blowers". Russia and China are a good bet, they are good at keeping such kinds of secrets and they certainly have the capability. Then there is India which is famous for computer experts.
But I would bet my money on a country which isn't known to have computer experts and isn't that big. I would bet on Israel, they already had spoiled the nuclear program of another country after all.
|
|
