Hardware

Overheard - Computer hardware visual reference

“This idea grew out of the need of a visual aid for customers while I worked at CompUSA.” Sonic84, Artist’s comments

Today we’re featuring Sonic84’s excellent fast reference chart for hardware.  He’s created an illustrated cheatsheet for RAM, hard drives, ports, slots and connectors.  Sonic told me he took most of the photos with a Canon Powershot A630. Sonic says “the thing has a great macro.”   When asked where he found all the hardware, he said:

“I collect old computers and for a while my local Goodwill had a lot of vintage stuff going through it. Combined with the techshop I worked in, I had a lot of diverse hardware at my disposal.  Sometimes I’d find hardware eBay.  I had to do that when I was searching for rare stuff like a PAC418 socket and 32Bit RAMBUS chip.”

Overheard - BIOS attack

“Until now, common wisdom has been that the large variety of BIOS implementations means it is unfeasible for attackers to create portable, widespread BIOS malware. Core’s researchers proved this wrong.” Sherri Davidoff, BIOS can become a source of malware

According to Core’s CTO, Ivan Arce, the researchers identified a specific section of BIOS code — a decompression routine — used in the majority of motherboards. BIOS code is stored compressed so that it takes up less space, and code must be decompressed before it runs. The decompression routine is exactly the same in many different motherboards. This gives attackers a single snippet of code that they can target in order to compromise many different BIOSes. The result? For the first time, researchers showed that BIOS-level malware can practically infect a wide variety of hardware.

Overheard: It’s official — IBM Roadrunner is world’s fastest computer

Perhaps surprisingly, more than 5 million PlayStation 3 owners in the U.S. have first-hand knowledge of at least one of the processors that carried the Roadrunner to victory. Walaika Haskins, IBM Roadrunner Meep-Meeps to Top of Supercomputer Rankings

The IBM supercomputer is powered by 12,240 IBM PowerXCell 8i Cell chips similar to those found in the gaming console. The system’s 6,562 AMD Opteron dual-core processors handle the basic compute functions, leaving the Cell chips available to deal with the heavy lifting necessary for the math-intensive calculations in which the processors specialize.

Overheard: Why would anyone want to attack the firmware?

The danger with embedded devices is that they are often forgotten. They don’t always get patched or audited, and they can contain application-level vulnerabilities, such as flaws in the remote management interface that leave the door open for an attacker. Rich Smith as quoted in Permanent Denial-of-Service Attack Sabotages Hardware

We aren’t seeing the PDOS attack as a way to mask another attack, such as malware insertion, but as a logical and highly destructive extension of the DDOS [dedicated denial of service] criminal extortion tactics seen in use today.

So this is about corporate sabatoge? Or criminals wiping out a few routers and extorting money for keeping the rest of the company’s network operational? Wow.  Sounds like a good plot for a John Grisham book. 

Rich Smith (HP System Security Lab)  has even come up with a cool name for the attacks: phlashing.  And the fuzzing tool he developedfor either launching an attack or detecting vulnerabilities? PhlashDance. 

Overheard: Overclocking is a personality trait

Question: What kind of idiot would do that to NEW, EXPENSIVE hardware?

Answer: The same kind of person who, 10 years from now — when he gets his amazing new 200,000 GHz 512 bit processor with a terabyte of RAM — will say “How do I overclock it?”

This conversation on Slashdot made me laugh out loud. They were talking about an AMD Athlon 64 General Overclocking Guide. It’s totally beyond me why any sane person would want to take perfectly good hardware, void the warranty, put so much extra stress on components that the hardware’s lifespan is significantly shortened — and risk causing a fire — just so he could brag on some discussion board about how fast he got something going.

Overheard: Why the mainframe didn’t die

“The mainframe survived its near-death experience and continues to thrive because customers didn’t care about the underlying technology. Customers just wanted the mainframe to do its job at a lower cost, and IBM made the investments to make that happen.” Irving Wladawsky-Berger as quoted in Why Old Technologies Are Still Kicking

John Belmont shows us IBM’s newest mainframe, the Z10. It has a starting price of about a million dollars.

Overheard: Operation Cisco Raider

Counterfeit network hardware entering the marketplace raises significant public safety concerns and must be stopped…It is critically important that network administrators in both private sector and government perform due diligence in order to prevent counterfeit hardware from being installed on their networks. Assistant Attorney General Alice S. Fisher, as quoted in Progress Reported Against Traffickers in Counterfeit Network Hardware

Over the last 2 years, Operation Cisco Raider has resulted in 36 search warrants that identified approximately 3,500 counterfeit network components with an estimated retail value of over $3.5 million, and has led to a total of ten convictions and $1.7 million in restitution.

Overheard: Virtualization causes appliance vendors real pain

Virtualization is causing IPS and NAC appliance vendors some real pain in the strategic planning department. I’ve spoken to several product managers of IPS and NAC companies that are having to make some really tough bets regarding just what to do about the impact virtualization is having on their business. Christopher Huff, How the Hypervisor is Death By a Thousand Cuts to the Network IPS/NAC Appliance Vendors

Overheard: The best camera at this year’s CES was one you can build yourself

I was very glad to hear Bug Labs, with its open source hardware mashups, won CNET’s Best of CES 2008 award for emerging technology.

Bug Labs is kind of like a “Build-A-Bear Workshop” for hardware devices. Very empowering.

Overheard: Open source hardware mashups

“I found myself holding one Lego block in one hand and another Lego block in the other and wondering, why couldn’t this block be a GPS and this block be a wireless modem and stick them together to get a wireless GPS?” Peter Semmelhack of Bug Labs, as quoted in a blog post by David Cohn

David Cohn writes: Bug Labs hopes to do for consumer electronics what Web site mashups have done for the Internet, provide the means for anyone to create their own product. What they will start selling in the fall are the BUGS or the base piece of hardware that can be adapted to include any number of modules that snap into the baseboard like jigsaw pieces. The various add-ons, like a GPS device, a camera, an LCD screen, or keyboard, can be mixed or matched to produce as many gadgets as the consumers can dream up. With 80 potential plug-ins to choose from the BUG could become the foundation for any number of niche gadgets.