lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040125160251.0D48497B4D@cpo.tn.tudelft.nl>
From: emvs.fd.3FB4D11C at cpo.tn.tudelft.nl (Erik van Straten)
Subject: Re: DOS all platforms

On Sun, 25 Jan 2004 12:49:48 +0000 Patrick J Okui wrote:
> On Sat, 24 Jan 2004, Jonathan A. Zdziarski wrote:
> > I heard of a bet going between a student and IBM many many years ago to
> > write a virus to cause physical damage.  Apparently the student was able
> > to use harmonic resonance and the hard disk drive to physically shake
> > the PC off the desk.
> 
> would anyone have links to this article?

I don't, but all my PC's are floor-standing big towers, you're not
gonna get us! (you could try a print command though, Epson causes my
table to shake).

Anyway, it is probably by no way reproducible on any PC.

However, I know that using DOS based disk editors, it was possible on
some brand/type HDD's to seek to a sector beyond the end of the disk,
which would often cause nasty click sounds. I've never damaged HDD's in
such a way but can imagine that repeated banging would break stuff.

Nevertheless I don't see the purpose. If you have write access to a HDD
you can already cause extreme damage by overwriting the first N sectors.
Why even bother trying to drop something on the floor?

Now that we're at it, you can cause "virtual damage" on most HDD's. If
power is removed during sector-write, it is likely that the checksum
(usually ECC, which is quite effective BTW), fails. Most HDD diagnostic
software will treat it as a permanent bad sector, and usually remap it.

Your "drop off the desktop" virus could cause the plug to be pulled :)

Some HDD's permit you to write raw sectors (e.g. > 512 bytes with ECC
bytes you define). On those, you can create your own "bad sectors".
Usually, if you overwrite the particular sector using the regular
commands, it turns "good" again.

I have "repaired bad sectors" (not remapping) that showed up after a
power failure (or someone pulling the plug of a live box) by simply
overwriting them using a diskeditor.

Erik

PS have not spent much time on this subject lately. Some morons and sw
manufacturers forced me to waste time and become a security amateur.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ