[Arm-netbook] ARM's OOB para-virtualization & FreeZone in A10?

Gordan Bobic gordan at bobich.net
Thu Jul 5 16:30:27 BST 2012


On 05/07/2012 16:07, freebirds at fastmail.fm wrote:

> ClamAV can no longer open these.

Can you cite a vector by which on Linux the AV daemon running as root is 
unable to scan a file using the on-open hooks?

> They infected
> my removable media with USB worms including a firmware rootkit in my
> Sansa Clip MP3 players. Inserting my removable media infects the
> computers.

And this also works on Linux? Can you cite any record of an exploit that 
is capable of this?

> This mailing list does not need to believe that my abuser's
> investigators hired crackers. Just be open minded. Don't automatically
> think anyone who claims that they are being cracked is paranoid. The
> purpose of my posts in this mailing list and freedombox foundation's
> mailing list is to recognize the privacy breaches in hardware and to
> create a customized safe open hardware if none already exist.

My concern is that so far all the information provided is purely 
anecdotal and hearsay. Can you actually provide any documentation of 
these exploit vectors having actually been identified and published?

> AMD and Google are considering
> purchasing MIPS. After the buy out there will be no support for MIPS.

Would you care to elaborate on that? How would the buy-out of MIPS 
result in there being no more support for MIPS?

> There will be only three manufacturers of processers in the world and
> they all have virtualization.

Can you elaborate why exactly it is specifically virtualization 
extensions that are an issue? If you are running a Linux kernel that 
will only load signed modules, how do you propose the perpetrator would 
inject a custom, unsigned virtualization module into your running kernel 
to leverage virtualization extensions to do something nasty to the 
running OS?

Gordan



More information about the arm-netbook mailing list