Discussion:
UEFI vulnerabilities or backdoors and VMS x86-64
(too old to reply)
Simon Clubley
2017-03-27 00:46:30 UTC
Permalink
Raw Message
Given the various revelations about UEFI vulnerabilities and
outright backdoors, I wonder if VSI are doing anything to reduce
the possibility of VMS x86-64 systems being compromised via
a UEFI attack mechanism ?

Simon.
--
Simon Clubley, ***@remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world
David Froble
2017-03-27 03:56:16 UTC
Permalink
Raw Message
Post by Simon Clubley
Given the various revelations about UEFI vulnerabilities and
outright backdoors, I wonder if VSI are doing anything to reduce
the possibility of VMS x86-64 systems being compromised via
a UEFI attack mechanism ?
Simon.
Can they do that, and still use UEFI?

At least with Alpha you didn't have something the whole world was trying to hack.
Simon Clubley
2017-03-27 17:57:15 UTC
Permalink
Raw Message
Post by David Froble
Post by Simon Clubley
Given the various revelations about UEFI vulnerabilities and
outright backdoors, I wonder if VSI are doing anything to reduce
the possibility of VMS x86-64 systems being compromised via
a UEFI attack mechanism ?
Can they do that, and still use UEFI?
Yes, and if VSI do a search for reducing UEFI vulnerabilities, they
will find various papers and topics on the subject. The problem with
UEFI is that it's too bloated and it is bloat that has way too much
low-level control over the hardware.

In some ways, I miss the old days of BIOS jumpers...

BTW, here's one document I just found with a quick search:

http://www.uefi.org/sites/default/files/resources/2014_UEFI_Plugfest_06_Phoenix.pdf
Post by David Froble
At least with Alpha you didn't have something the whole world was trying to hack.
If Alpha was still around, then malicious PALcode might have become
a thing by now, although you probably couldn't have got anywhere
near as creative with it as you can with UEFI.

Simon.
--
Simon Clubley, ***@remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world
IanD
2017-03-27 10:16:17 UTC
Permalink
Raw Message
Post by Simon Clubley
Given the various revelations about UEFI vulnerabilities and
outright backdoors, I wonder if VSI are doing anything to reduce
the possibility of VMS x86-64 systems being compromised via
a UEFI attack mechanism ?
Simon.
--
Microsoft: Bringing you 1980s technology to a 21st century world
This is the world VMS will be walking into

Going from security by obscurity to running with the rest of the crowd

This is precisely why I said VMS had better get its ducks in a row because a slip-up on the road to making a come-back in the security arena will spell the end of VMS quick-smart, IMO

When one looks at the exploits that are around and are being pursued, you see that they are targeting lower and lower mechanisms down the stack

In a recent article I read, there is even talk that there have possibly been exploits put into CPU design!

A few years back researches found a weakness in certain encryption hardware. I think what they found was if you constantly polled a particular port, the randomness of the port starts to fail as the hardware starts to loose it's random abilities and you effectively carve out a reinforced pathway in the hardware. You never actually compromise the hardware because that would be detectable but you leave it in a state where you skew the results so that statistically you can predict and therefore exploit the outcome in your favour to gain entry. Seriously fascinating stuff. It's become a matter of compromise but don't fully expose your exploits now, meaning that exploits often exist for months to years

How much does VMS rely upon the underlining hardware to be secure?

I wonder what can be done on a cluster basis to have VMS check itself as a mechanism for bolstering security. Safety in numbers? Could become a selling point for VMS clusters perhaps if one can develop a security model that increases with the node numbers

This issue is similar in nature to the mental patient problem. How does a mental patient verify their own sanity when they cannot trust their own cognitive abilities. You need an external source and/or internal routines that cannot be compromised or exploited

An external VMS security audit server perhaps?
VSI could develop a system that performs random audits at random locations involving random aspects of the VMS OS, all for a fee of course. do I smell a blockchain somewhere ;-)

How to harden VMS?
Simon Clubley
2017-03-27 18:05:53 UTC
Permalink
Raw Message
Post by IanD
Post by Simon Clubley
Given the various revelations about UEFI vulnerabilities and
outright backdoors, I wonder if VSI are doing anything to reduce
the possibility of VMS x86-64 systems being compromised via
a UEFI attack mechanism ?
This is the world VMS will be walking into
Yes, and I still get the feeling there's quite a bit of sleepwalking
going on. I hope people wake up by themselves instead of having to
be shaken awake.
Post by IanD
Going from security by obscurity to running with the rest of the crowd
Security by obscurity is bad because it can lead to an unjustified
mindset that today's security problems "are the concerns of other
people and don't affect us".
Post by IanD
In a recent article I read, there is even talk that there have possibly been
exploits put into CPU design!
It doesn't even have to be in the core CPU instruction set either.

For example, there have been concerns about the remote management
engines built into modern chipsets.

Simon.
--
Simon Clubley, ***@remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world
Paul Anderson
2017-03-28 21:15:20 UTC
Permalink
Raw Message
Post by Simon Clubley
Given the various revelations about UEFI vulnerabilities and
outright backdoors, I wonder if VSI are doing anything to reduce
the possibility of VMS x86-64 systems being compromised via
a UEFI attack mechanism ?
Simon.
Yes.

Paul Anderson
VMS Software, Inc.
Simon Clubley
2017-03-28 22:42:21 UTC
Permalink
Raw Message
Post by Simon Clubley
Given the various revelations about UEFI vulnerabilities and
outright backdoors, I wonder if VSI are doing anything to reduce
the possibility of VMS x86-64 systems being compromised via
a UEFI attack mechanism ?
Yes.
Good.

Simon.
--
Simon Clubley, ***@remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world
Loading...