Peter's z80.eu site blog
The perfect virus ? NSA's "barnfire" program and implications [offtopic] 
Monday, January 19, 2015, 07:00 PM
Posted by Administrator
The German magazine Spiegel published new information about some (by now old but still valid) NSA programs in their latest >article<. They also mention "barnfire", a codename for a BIOS modification that bypasses all virus scanners and other (local) detection mechanisms.
Bruce Schneier also has a post about it, although it does not contain much more information, see >here<.
His blog points to http://cryptome.org/2015/01/spiegel-15-0117.7z ; inside the 7z archive there is also a file named media-35661.pdf, which mentions "BARNFIRE".
A year ago, news was published about a >BadBIOS super trojan<, but no real-world example has been found yet.
Also, in January 2014, information was published about >a similar NSA project named DEITYBOUNCE<, which describes Dell servers being hacked and manipulated by the NSA as well.

A modified BIOS (it must be a modified one, not a new one, because otherwise it can be easily discovered) does not help if hard disks are encrypted. Maybe you can "chain/hook" into the Windows API after Windows has already booted (and encryption is active), but this seems to be a much more sophisticated approach. It has to be possible to extend functions while they are loaded in memory, because even the Windows API uses BIOS calls (at least in drivers, but maybe in some basic parts of the OS too).
You can't directly modify files on disk unless you "know" the encryption keys/encryption algorithm, but you don't need that knowledge if your "base" is the BIOS itself.
It's like placing a virus on your hard disk, except that the virus is located in the BIOS itself and can't be detected by scanning files or even memory.
But your PC's BIOS flash memory is not necessarily write protected. Fortunately new computers only protect the firmware flashing "entry" of the BIOS, but this is SOFTWARE, so unless your PC is protected by a "jumper", it can be bypassed. The function "Flash BIOS" is also just a piece of software.
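A firmware modification of the kind described above is invisible to file and memory scanners, so a check has to look at the flash contents themselves. The following added example (not part of the original post) compares a dump of the BIOS flash against per-block hashes of a known-good image; the block size, the ignored settings range and the sample images are assumptions constructed for illustration, and the dump is assumed to have been read out separately, ideally with an external programmer rather than by the possibly modified machine itself.

```python
import hashlib

BLOCK = 4096  # comparison granularity (constructed choice for this example)

def make_manifest(image, block=BLOCK):
    """Per-block SHA-256 digests of a known-good firmware image."""
    return [hashlib.sha256(image[i:i + block]).digest()
            for i in range(0, len(image), block)]

def modified_ranges(dump, manifest, ignore=(), block=BLOCK):
    """Return merged (start, end) byte ranges of `dump` that differ from the
    baseline manifest. `ignore` lists (start, end) ranges that legitimately
    change, such as the area where the firmware stores its settings."""
    current = make_manifest(dump, block)
    if len(current) != len(manifest):
        raise ValueError("size mismatch: wrong baseline or truncated dump")
    found = []
    for idx, (good, seen) in enumerate(zip(manifest, current)):
        start = idx * block
        end = min(start + block, len(dump))
        if good == seen:
            continue
        if any(s <= start and end <= e for s, e in ignore):
            continue
        if found and found[-1][1] == start:   # extend a run of adjacent blocks
            found[-1] = (found[-1][0], end)
        else:
            found.append((start, end))
    return found

def demo():
    # Constructed 64 KiB "vendor image" and a dump of it with a few changes.
    baseline = bytes((i * 7 + 3) % 256 for i in range(0x10000))
    dump = bytearray(baseline)
    dump[0x5004] ^= 0xFF          # small patch inside one block
    dump[0x8FFF] ^= 0x01          # change spanning two adjacent blocks
    dump[0x9000] ^= 0x01
    dump[0xF010] ^= 0x01          # settings area, expected to differ
    settings = [(0xF000, 0x10000)]
    return modified_ranges(bytes(dump), make_manifest(baseline), settings)

if __name__ == "__main__":
    for start, end in demo():
        print(f"modified: 0x{start:05X}-0x{end:05X}")
```

Any range reported outside the ignored settings area means the flash no longer matches the baseline and the image should be examined offline.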

So the possible attack sequence might be:
1 - try to use a zero day exploit
2 - if successful, identify the used firmware
3 - load the appropriate but modified BIOS
4 - flash the BIOS
5 - delete all traces
6 - reboot (or just wait)

Remember, you will still be protected by external IT security components like HTTP proxy servers, unless the backdoor code also analyzes the network traffic. But this would make the BIOS modification almost impossible, because much more code is needed.

I guess the simpler variation of the BIOS mod already exists, made by smart programmers @NSA ...
640K Ought to be Enough for Anyone 
Monday, January 12, 2015, 10:00 PM
Posted by Administrator
For most DOS software, this might be true.
I am referring to that "quote", because a few days ago, I upgraded my Schneider (Amstrad) PC 1512 to 640KB RAM. And yes, for this machine, it is enough to run most of the programs of an exciting decade.

But where does this "ought to be enough" sentence come from?

Most of the "googled" internet hits say Bill Gates said this.
At least there is one source for a similar sentence he said:
In InfoWorld magazine from April 29th, 1985 (Vol. 7 Issue 17), you can read on page 5:

When we set the upper limit of PC-DOS at 640K, we thought nobody would ever need that much memory.

William Gates, Chairman of Microsoft

You can read the whole article here (click on picture):


But others have already investigated further possible sources, so it's difficult to say that Bill Gates said this. Read on at http://quoteinvestigator.com/2011/09/08/640k-enough/

At least, this is all (interesting) history.

P.S.: I have seen a negative feedback (below 3) for this entry. Please give me a note why with "add comment", thank you in advance.
Pioneer hardware with a (meanwhile) rare CPU: Cosmac Elf (1976) ... and its successors
Sunday, January 4, 2015, 10:00 PM
Posted by Administrator
This is really cool:
The "ancient" CMOS CPU from RCA, the 1802, can still be found in SBC projects like the "1802 Cosmicos" and the "COSMAC Elf 2000"!

Why is an SBC with the RCA 1802 so interesting?
Because the CPU is also used in many satellites and (former) rockets (it was also manufactured in a radiation-resistant variant), and it was one of the first 8-bit CPUs available, too.
Some of the first video consoles used the RCA 1802, too.
In 1976, it was the fastest-running CPU (3.58 MHz); unfortunately, no bigger computer manufacturer used it for their models.
The CPU was also used in a rare home computer named "COMX35", but that's the only one of its kind I know.
The first SBC, the Cosmac Elf, was published in August 1976 in "Popular Electronics".

You can take a look at the articles also >here< and >here<.
You should also visit http://www.cosmacelf.com/

NOW WHERE'S THE BEEF ?

Hans Otten has his own page about his 1802 Cosmicos SBC:
http://retro.hansotten.nl/index.php?page=1802-cosmicos
Infos about the "COSMAC Elf 2000" can be found here:
http://www.sparetimegizmos.com/Hardware/Elf2K.htm

But you don't need real hardware to try programming an RCA 1802.
There is a really good emulator: http://www.elf-emulation.com/emulator.html
Another emulator can be found here: http://www.emma02.hobby-site.com/index_download.html

Take a look at http://en.wikipedia.org/wiki/RCA_1802 for a first impression about the CPU.
Then look at the instruction list at http://www.elf-emulation.com/1802.html

The picture was taken from Wikipedia.
Merry Christmas to all blog readers 
Wednesday, December 24, 2014, 02:00 PM
Posted by Administrator
I wish you a Merry Christmas and a Happy New Year!
Thank you for reading my humble vintage computer blogs, some already for years.

The shown animated GIF is taken from the "Sierra Electronic Christmas Card 1986" and runs with MS-DOS 3.2 and above, also on my old Amstrad (Schneider) PC 1512.


You can download the AGI or SCI version here:
http://www.sierrahelp.com/Misc/Demos.html#Christmas

There are many more animations (be amazed, even Santa will show up), not only a fireside.
RAM Upgrade Amstrad (Schneider) PC1512 from 512KB to 640KB 
Sunday, December 21, 2014, 11:30 PM
Posted by Administrator
Almost all Amstrad/Schneider PC1512 web pages have disappeared by now.
I tell you that because I looked for hints about upgrading my PC1512 from 512KB to 640KB RAM. After all, that wasn't too difficult, although it's NOT enough just to insert 16 pieces of 4164-120 Dynamic RAM chips (64KBx1 per chip). You have to set a jumper too; unfortunately this was documented neither in the manual nor on any web page I found.
There are really A LOT OF SCREWS to be removed, until you can take a look at the mainboard:

The smaller red rectangle shows the jumper position. The jumper was hidden by the metal plate/radio shield which covers the mainboard. You have to remove the shield also to see the jumper :-(
This costs at least 2 hours of disassembling and reassembling, but success is sweet:


P.S.:
Wikipedia is wrong with the description of the RAM upgrade.
It says "it could be upgraded to 640K of RAM with an expansion pack commonly known as a 'top hat'". There is no such "expansion pack". You need only 16 DRAM chips, each with 64KBit memory. Nothing else.

P.P.S.: There is a tech manual online, and if you know the words you have to look for, you will also find the hint for the above-mentioned jumper, see "related Link".