From: Christian Wettergren <cwe@it.kth.se>
Date: Sat, 27 Apr 1996 00:24:05 +0800
To: "Paul S. Penrod" <furballs@netcom.com>
Subject: Re: trusting the processor chip
In-Reply-To: <Pine.3.89.9604252347.A18926-0100000@netcom13>
Message-ID: <199604260901.LAA22411@piraya.electrum.kth.se>
MIME-Version: 1.0
Content-Type: text/plain



Take a look at the IEEE Symp on Security and Privacy Proceedings from
1995, I believe it was. There was a paper there about security bugs in
the Intel processors, enumerating a number of them in 80386 for example.
There where at least one or two byte sequences that plainly stopped 
the processor.

[I'll find the reference, I have it back home.]

The authors concluded that the number of released bugs reports had
dimished over time for each processor model, and for the Pentium not 
a single one had been released. They speculated whether it was considered 
company confidential perhaps?

They "promised" to build their own "processor tester" to try to find
the most obvious ones at least. But it will be very hard to find all of
these bugs, judging from the released bugs. Some of them are only 
appearing sporadically under a pretty complicated set of circumstances,
like what is in the pipeline, the cache etc...

The processor is ever important, if it is illdefined or flakey, it is
almost impossible to build security on top of it.

/Christian