On Tue, 8 Jan 2008, Sunnz wrote:
>7 Jan 2008 07:58:04 -0800, Unix Fan :

quoted text
>>These firmwares are just the same as "Microcode" in modern processors,

>>It's "NOT" tainting the kernel at all... unlike "binary blob" drivers

>>that are very common in the

>

>Just wondering... what could be the worse thing that could happen if

>the firmware is badly written, say for a wireless device? Could it be

>possible to bring the whole system down? Or would it just crash the

>device itself, as if the hardware had a defect?

On some architectures, some devices have access to all of main memory --

so malicious firmware could do just about anything.  And most devices

can at least lock up a bus and so hang the system.  But this is true of

_all_ device firmware, whether it's loaded by the system, upgradable

(e.g., EEPROM) or permanent (e.g., ROM) -- it's just easier to provide a

malicious firmware file for loading than it is to convince someone to

replace a ROM chip.  Even for a pure-hardware device, with no firmware

at all, you still have to trust the manufacturer to avoid bugs which can

harm the system as a whole.
	Dave
--

Dave Anderson