1998-07-08 - Re: Covert Access to Data and ID

Header Data

From: John Young <jya@pipeline.com>
To: cypherpunks@toad.com
Message Hash: 6a6e8a3cdb2396edcc300d2299dc69997dd26d093c968fed0ad87080aff59c81
Message ID: <199807081736.NAA11731@camel14.mindspring.com>
Reply To: N/A
UTC Datetime: 1998-07-08 18:03:21 UTC
Raw Date: Wed, 8 Jul 1998 11:03:21 -0700 (PDT)

Raw message

From: John Young <jya@pipeline.com>
Date: Wed, 8 Jul 1998 11:03:21 -0700 (PDT)
To: cypherpunks@toad.com
Subject: Re: Covert Access to Data and ID
Message-ID: <199807081736.NAA11731@camel14.mindspring.com>
MIME-Version: 1.0
Content-Type: text/plain


Froward From: Anonymous
To: die@pig.die.com
Cc: jy@jya.com
Subject: Intel plans for world domination
Date: Wed, 8 Jul 1998 10:51:04 -0500 

Good afternoon gentlemen,

I've been reading the correspondence on the possibility of govt
keystroke access with some interest. I'm in a slightly odd position as
I'm responsible for security in one of the larger wintel companies. As
such I've been getting quite a feeling of deja vu reading your mails.
Intel and others are moving in exactly this direction with a number of
initiatives, most notably the PC98, PCXX, and "Wired For Management".
WfM in particular is very scary - one of the components is a facility
for PC's to download and run digitally signed software before the OS is
booted - between "the end of BIOS initialisation and when control is
transferred to a high-level OS" in the words of one Intel document. The
code is verified by routines embedded in the BIOS and will allegedly use
some subset of X.509v3 and PKCS#1.

As so often happens in circumstances like this I can't risk passing
documents directly as I can't be sure of their provenance - I really
have no idea which ones are now considered trade secrets and which have
been made public. Instead I recommend you have a look at the Intel WfM
site http://www.intel.com/ial/wfm/ with particular reference to the
"Pre-Boot Execution Environment" (PXE) and "System Management BIOS"
(SMBIOS). The Microsoft pc98 site is at

   http://www.microsoft.com/hwdev/pc98.htm 

and the Intel one at

   http://developer.intel.com/design/pc98/.

----------

And, DM reminds of the DIRT program Ray Arachelian first posted
here:

There's an article on page 37 of the July 6, 1998 issue of
NetworkWorld about a new software product for Windows machines
that is basically a trojan horse that allows access to all
keystrokes and files on a system from a remote "America's
Most Wanted"-type HQ.  I can't find the article online
at www.networkworld.com, but you can go the the company's
site at 

   http://www.thecodex.com/dirt.html 

to see it.  Sale of DIRT is "restricted to military, government, and law
enforcement agencies", the article says.








Thread