Can a computer virus kill the CPU?

Casper H.S. Dik wrote:
> "w_tom" <w_tom1@usa.net> writes:
>
> > Notice those thousands of viruses doing so much hardware damage. The
> >glaring hole in Sebastian's comments is the one missing example after
> >so many hundreds of thousands of viruses. According to Sebastian, this
> >damage is easy. Fine. So where are the hundreds of examples?
> >Sebastian's reasons for how a virus can harm hardware are easy to
> >implement if viruses can damage hardware. Therefore numerous examples
> >should exist. Why does it know it can happen and yet does not provide
> >any example? Are virus writers too moral to harm hardware?
>
> Because the virus writes make money of their viruses by
> not hurting their victims too much.
>
> They strive for symbiosis; the incentive is $$; most virus now are
> used for:
> DDoS zombies
> SPAM bots
> popup adds.
>
>
> Dead computers don't make money.
>
> The second reason is the diversity of PCs; you will need a specific
> exploit to kill PCs for each of:
>
> - different FLASH chips on the motherboard
> - different harddisk types
>
> and a very specific one for those systems which require the OS
> to "keep things cool". And the writing of such viruses costs
> actual hardware; you can't test it without breaking actual pieces.
> of hardware. So you need a great variety of systems to make even
> a little bit of impact and you need to be willing to destroy it.
>
> So it only makes sense for the weapons labs of nation states to
> develop such killer viruses. Making and testing one will set
> you back many thousands.
>

So basically people (except perhaps for the military) have lost
interest
in wanton destruction and simple vandalism and have now decided to
go and exploit systems for money? Why didn't many HW-destroying
viruses exist when people still made 'em for destruction?

> Casper
> --
> Expressed in this posting are my opinions. They are in no way related
> to opinions held by my employer, Sun Microsystems.
> Statements on Sun products included here are not gospel and may
> be fiction rather than truth.

mike4ty4@yahoo.com writes:

>So basically people (except perhaps for the military) have lost
>interest
>in wanton destruction and simple vandalism and have now decided to
>go and exploit systems for money? Why didn't many HW-destroying
>viruses exist when people still made 'em for destruction?

You didn't read the second part of my email?

The cost of writing such viruses is prohibitive if you want
decent coverage (and some viruses which destroy firmware
do exist)

Casper
--
Expressed in this posting are my opinions. They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.

Sebastian Gottschalk <seppi@seppig.de> writes:

>Huh? On Windows you've got ASPI and SPTI. Or you simply load your own
>driver. After all, you only have to keep things cool if you don't want to
>end up with a messed-up firmware. Who cares for a memory relocation? Just
>makes another bunch of garbage overwrite the firmware.

Most hardware does this automatically and can't be broken in that
way.

(And testing of the virus is still expensive)

Casper
--
Expressed in this posting are my opinions. They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.

Again, original question was about hardware damage. Virus unique to
that hardware might harm a BIOS software. Software that is part of
firmware. But no hardware - even hardware that contains BIOS code - is
damaged. No hardware was damaged by the virus. ICs still function as
they did from the IC factory. Part designed by hardware designers is
not damaged by viruses.

Again, the original question was not about viruses that can attack
software or firmware. Original question did not ask about sending
computer back to the factory. To cite a virus that can damage, one must
change the original question. Hardware in retail products is designed
to be software resilient. Software - be it a virus, misloaded code
such as the HAL, or even a wrong BIOS - must not damage hardware.
Malware can damage software in a disk or might damage software in
firmware. But that is not hardware damage even if repair means sending
it back to the factory.

Military versions of ICs function same (unless, of course, hardware
is a special function IC executing something unique such as an
encryption algorithm). Military ICs perform same functions, but in
more harsh environments. Most notable difference between a commercial
version and a military version is operating temperature range.
Aerospace vehicles also use same ICs. But aerospace version is
typically a military version IC tested for space radiation exposure.
Many aerospace vehicles only use fully qualified ICs that have been
well proven first in regular commercial applications. These are not
specially manufactured ICs. These are simply same IC design that has
been 'fully qualified'.

For example, spacecraft don't use advanced Pentium processors.
Spacecraft use 8086 or 68000 version processors that have been well
proven in retail and commercial applications AND then were qualified
(tested) for space operation. Commercial grade ICs function same as
their military versions because software cannot harm even a commercial
version of the integrated circuit (hardware).

This reply answers an original question about viruses harming
hardware. Others are now citing malware harming software. That is not
the original question. Furthermore, harming firmware is made more
difficult as designers learned from their mistakes - as hardware
designers already have. Viruses do not easily attack firmware or HAL
software (which are unique for that hardware design). Even if these
software are violated, still, hardware damage must not occur. That is
required of and is well proven by legacy of hardware design. Just
another reason why computers change so little over decades. So much
legacy exists in all computer designs for so many reasons. Design so
that software cannot cause hardware damage.

mike4ty4@yahoo.com wrote:
> But can't the virus also be designed for pure wanton violence? What
> happened to the pure-destruction viruses? Ie. it would spread and
> spread, and then when a specific date rolls around, the "time bomb"
> goes off and the computers are destroyed. And if you can get a
> server's hardware to autodestruct, you do not need DDOS attacks...
> Therefore destroying the hardware may not be very easy to do...
> Viruses have been made that wipe hard disks, destroying any useful
> information in the process, so why can't they destroy hardware that's
> vulnerable? Perhaps hardware is tougher than you think? Also,
> wouldn't a military virus that destroys hardware be a useful weapon,
> to disable enemy computers? Perhaps maybe then such viruses DO
> exist... it's just that the US Government doesn't want us to know about
> them... Figures. The gov't is probably always 1-2 steps ahead of what
> we know about. This of course leads me to an interesting question: Do
> CPU manufacturers make "military editions" of their chips that are
> faster and better than the chips you can buy in the store?

w_tom <w_tom1@usa.net> wrote:
> Again, original question was about hardware damage.
[deleted]
> Again, the original question was not about viruses that can attack
> software or firmware. Original question did not ask about sending
> computer back to the factory.
[deleted]
> This reply answers an original question about viruses harming
> hardware. Others are now citing malware harming software. That is not
> the original question.
[deleted]

Can you please pay attention? Never mind the "original question"! You
are responding to the original *questioner*. Respond to his (*new*)
posting or don't, but don't respond saying you don't.

Probably you wouldn't have this problem if you responded in the usual
interleaved (quote-response, quote-response, ...) way, instead of
top-posting.

> mike4ty4@yahoo.com wrote:
> > But can't the virus also be designed for pure wanton violence? What
> > happened to the pure-destruction viruses? Ie. it would spread and
> > spread, and then when a specific date rolls around, the "time bomb"
> > goes off and the computers are destroyed. And if you can get a
> > server's hardware to autodestruct, you do not need DDOS attacks...
> > Therefore destroying the hardware may not be very easy to do...
> > Viruses have been made that wipe hard disks, destroying any useful
> > information in the process, so why can't they destroy hardware that's
> > vulnerable? Perhaps hardware is tougher than you think? Also,
> > wouldn't a military virus that destroys hardware be a useful weapon,
> > to disable enemy computers? Perhaps maybe then such viruses DO
> > exist... it's just that the US Government doesn't want us to know about
> > them... Figures. The gov't is probably always 1-2 steps ahead of what
> > we know about. This of course leads me to an interesting question: Do
> > CPU manufacturers make "military editions" of their chips that are
> > faster and better than the chips you can buy in the store?

w_tom wrote:
> Again, original question was about hardware damage. Virus unique to
> that hardware might harm a BIOS software. Software that is part of
> firmware. But no hardware - even hardware that contains BIOS code - is
> damaged. No hardware was damaged by the virus. ICs still function as
> they did from the IC factory. Part designed by hardware designers is
> not damaged by viruses.
>
> Again, the original question was not about viruses that can attack
> software or firmware. Original question did not ask about sending
> computer back to the factory. To cite a virus that can damage, one must
> change the original question. Hardware in retail products is designed
> to be software resilient. Software - be it a virus, misloaded code
> such as the HAL, or even a wrong BIOS - must not damage hardware.
> Malware can damage software in a disk or might damage software in
> firmware. But that is not hardware damage even if repair means sending
> it back to the factory.
>
> Military versions of ICs function same (unless, of course, hardware
> is a special function IC executing something unique such as an
> encryption algorithm). Military ICs perform same functions, but in
> more harsh environments. Most notable difference between a commercial
> version and a military version is operating temperature range.
> Aerospace vehicles also use same ICs. But aerospace version is
> typically a military version IC tested for space radiation exposure.
> Many aerospace vehicles only use fully qualified ICs that have been
> well proven first in regular commercial applications. These are not
> specially manufactured ICs. These are simply same IC design that has
> been 'fully qualified'.
>
> For example, spacecraft don't use advanced Pentium processors.
> Spacecraft use 8086 or 68000 version processors that have been well
> proven in retail and commercial applications AND then were qualified
> (tested) for space operation. Commercial grade ICs function same as
> their military versions because software cannot harm even a commercial
> version of the integrated circuit (hardware).
>
> This reply answers an original question about viruses harming
> hardware. Others are now citing malware harming software. That is not
> the original question. Furthermore, harming firmware is made more
> difficult as designers learned from their mistakes - as hardware
> designers already have. Viruses do not easily attack firmware or HAL
> software (which are unique for that hardware design). Even if these
> software are violated, still, hardware damage must not occur. That is
> required of and is well proven by legacy of hardware design. Just
> another reason why computers change so little over decades. So much
> legacy exists in all computer designs for so many reasons. Design so
> that software cannot cause hardware damage.
>

So then, basically, it would be very difficult to write a virus that
could attack
95% of the firmware out there and thus require 95% of infected systems
to
be sent back to the factory (which is what I had in mind when I asked
the
original question -- a virus that would demand factory return.), or
have parts
replaced, etc., and almost impossible to damage hardware physically
with
the virus, right?

You mentioned about spacecraft not using advanced Pentium processors,
only 8086s. But what if they needed more computing power? 8086 is a
very
slow processor and is only useful for relatively simple things. Even
though
they might not need it now, what if they do in the future?

I also needed to know about the motivation to make the virus thing,
where
I asked about the military. Could it be possible that the military has
a virus
that can damage hardware or otherwise mandate physical repair
procedures?

Also, though, for military computers used for doing complex
calculations or
other intense activities, including supercomputers, is it possible that
the chip companies manufacture "souped-up" chips for THOSE computers?


> mike4ty4@yahoo.com wrote:
> > But can't the virus also be designed for pure wanton violence? What
> > happened to the pure-destruction viruses? Ie. it would spread and
> > spread, and then when a specific date rolls around, the "time bomb"
> > goes off and the computers are destroyed. And if you can get a
> > server's hardware to autodestruct, you do not need DDOS attacks...
> > Therefore destroying the hardware may not be very easy to do...
> > Viruses have been made that wipe hard disks, destroying any useful
> > information in the process, so why can't they destroy hardware that's
> > vulnerable? Perhaps hardware is tougher than you think? Also,
> > wouldn't a military virus that destroys hardware be a useful weapon,
> > to disable enemy computers? Perhaps maybe then such viruses DO
> > exist... it's just that the US Government doesn't want us to know about
> > them... Figures. The gov't is probably always 1-2 steps ahead of what
> > we know about. This of course leads me to an interesting question: Do
> > CPU manufacturers make "military editions" of their chips that are
> > faster and better than the chips you can buy in the store?

Sebastian Gottschalk wrote:
>> For example, spacecraft don't use advanced Pentium processors.
>> Spacecraft use 8086 or 68000 version processors that have been well
>> proven in retail and commercial applications AND then were qualified
>> (tested) for space operation.
>
> The main reason is that they're cheap.

Apparently you have not worked in and meet requirements for aerospace.
Getting a semiconductor 'fully qualitifed' is not cheap.

Why did the Space Shuttle fly using computers with iron core memories
for the first ten years? Getting electronics qualified for aerospace
is expensive and time consuming. Slow and obsolete core memory based
computers were 'fully qualitifed" then. And they were not cheap.

Hardware that is not damaged by software is easy compared to other
hardware requirements. Software (virus or bug) must not harm hardware.

Sebastian Gottschalk wrote:

> w_tom wrote:
>
>> Sebastian Gottschalk wrote:
>>>> For example, spacecraft don't use advanced Pentium processors.
>>>> Spacecraft use 8086 or 68000 version processors that have been well
>>>> proven in retail and commercial applications AND then were qualified
>>>> (tested) for space operation.
>>>
>>> The main reason is that they're cheap.
>>
>> Apparently you have not worked in and meet requirements for aerospace.
>> Getting a semiconductor 'fully qualitifed' is not cheap.
>
> Again: They could also use qualified and long-tested modern
> high-performance chips. Instead they resort to using way more old and slow
> chips.

No. In space you need rad-hard chips. And it's not enough to package the
chip better, you have to redesign the silicon to be tolerant to occasional
charged particles that hit the chips anyway. The market for those chips is
so small that you just can't get the latest and shiniest processors. In
many cases you don't even need them. The bottleneck isn't processing power
(except maybe in imaging), it's in communications.

-- Lassi

For a longest time, satellites, et al did not have computer
(microprocessors) or even encryption. Satellites were a gentleman's
game even during the Cold War. Most processing was performed on earth.
A satellite had only enough intelligence to maintain itself for short
periods. Electronics was the simplest and the least complex possible.

Later, simple processors were installed only for station keeping -
only to increase reliability. I suspect TDRSS (NASA's communication
satellite system) may have been a first to use intelligent processing
for data - satellite operating as a switch and not as a repeater.
However that is the trend. Electronics in aerospace is the simplest,
old, and well understood because reliability and being 'fully
qualified' are so critical. To put something more advanced means there
was no alternative. Only then was massive money spent to qualify a new
part.

When more processing power is required, an expensive process would be
used to qualify a newer and yet well proven processor. So designers
kept most intelligent functions on earth. Yes, slowly more robust
processors make it into space. But rarely is anything 'state of the
art' in aerospace. 'Reliability' is a far larger consideration which
often means old and well proven hardware. Processing power of one
astronaut's laptop is far more powerful than all Shuttle computers
combined. That laptop need not be reliable. Those shuttle computers
must be extremely reliable - and still they sometimes fail. Therefore
the Shuttle has five computers making flight decisions. A poll
determines which three will be believed. Again, it's about
reliability and why those computers have so little processing power.


Viruses that attack firmware have even been shipped (unknowingly) by
the computer manufacturer. Such viruses, although rare, have been
observed (and manufacturers don't like to talk about it). But again,
no hardware damage.

Cited previously was the case where a monitor signal too high in
frequency could cause monitor damage. So yes, sometimes a designer
does make a mistake, the lessons learned, and hardware fixed so that
software cannot cause damage.

We also built customized equipment where a software bug could cause
relay damage. But again, this was customized equipment AND restricted
users also had no access to embedded software. Software was embedded
so that damage could not result from user programming. Even customized
equipment makes hardware as resilient as possible to software failure
or malware.

The context is not such custom equipment. This context is consumer
computers. Consumer electronics is designed so that software cannot
harm hardware. Consumer equipment must be that 'idiot proof'.

More complex and custom equipment can be harmed if the attacker has
very specific engineering knowledge of that item; a specific item
targeted. Specific engineering knowledge is what a virus writer must
have to specifically attack firmware for a specific machine. These
customized machines were designed so that software could not cause
hardware damage. But then some functions might not be so robust
because costs would be so high and because of the unique customized
nature of its function. It is possible to put a virus into a robot so
that robot destroys its own arms. But then good luck trying to do it.
It is possible, but ....

Supercomputers are a different environment. The days of customize
hardware (ie Cray XMPs) are gone. Same processor chips built for
commercial purposes now are used in supercomputers where numbers of
processors - not specialized functions - are the objective. Most
'souped up' chips are sold in the market. An example: Sony Playstation
3. This new hardware is also challenging how software can utilize the
power - creates a massive challenge to software engineers.

Don't assume that because it is a nuclear missile, then it must have
the most advanced electronics. Instead, it will have the most
'reliable' electronics. Each market has different parameter
requirements. Sony Playstation 3 would be far too unreliable for
aerospace use.

But consumer electronics is carefully designed so that software will
not damage hardware. Computers are legacy designs where most of the
machine is simply a faster version of the same thing done a decade ago.
That legacy requirement is important because of what the market
demands of consumer electronics - where everything is a black box and
the retail 'computer expert' does not even know what a power supply
does. In such markets, hardware is designed so that software (viruses,
bugs, and mistakes) cannot damage hardware.

mike4ty4@yahoo.com wrote:
> So then, basically, it would be very difficult to write a virus that
> could attack 95% of the firmware out there and thus require
> 95% of infected systems to be sent back to the factory (which
> is what I had in mind when I asked the original question -- a
> virus that would demand factory return.), or have parts
> replaced, etc., and almost impossible to damage hardware
> physically with the virus, right?
>
> You mentioned about spacecraft not using advanced Pentium
> processors, only 8086s. But what if they needed more
> computing power? 8086 is a very slow processor and is only
> useful for relatively simple things. Even though they might not
> need it now, what if they do in the future?
>
> I also needed to know about the motivation to make the virus
> thing, where I asked about the military. Could it be possible
> that the military has a virus that can damage hardware or
> otherwise mandate physical repair procedures?
>
> Also, though, for military computers used for doing complex
> calculations or other intense activities, including
> supercomputers, is it possible that the chip companies
> manufacture "souped-up" chips for THOSE computers?

Sebastian Gottschalk wrote:
> Use more of them. 50 8068s at 1 MHz are cheaper than 1 Pentium at 50 MHz.

Again Sebastian demonstrates little experience. He is making
conclusions without sufficient knowledge. 50 8086s would significantly
increase weight both in CPUs and their supporting platforms, and in
increased power for all those CPUs. Cheaper is not about the price of
that CPU. Costs are a 'system wide' analysis. Sebastian apparently
has not yet worked at the 'system design' level and has never worked in
aerospace. Rad-hardened is part of getting hardware 'fully qualified'.
Just getting the part qualified is major costs.

Sebastian Gottschalk wrote:
> Why should weight be a problem?

Lowering weight is critical in spacecraft design. For example, every
pound of electronics eliminated means another pound of hydrazine fuel.
More fuel means spacecraft has longer life expectancy. Spacecraft
builders earn bonus money every year the bird lasts beyond its life
expectancy.

Sebastian Gottschalk wrote:
> Lassi Hippeläinen wrote:
>
>> Sebastian Gottschalk wrote:
>>
>>> w_tom wrote:
>>>
>>>> Sebastian Gottschalk wrote:
>>>>>> For example, spacecraft don't use advanced Pentium processors.
>>>>>> Spacecraft use 8086 or 68000 version processors that have been well
>>>>>> proven in retail and commercial applications AND then were qualified
>>>>>> (tested) for space operation.
>>>>> The main reason is that they're cheap.
>>>> Apparently you have not worked in and meet requirements for aerospace.
>>>> Getting a semiconductor 'fully qualitifed' is not cheap.
>>> Again: They could also use qualified and long-tested modern
>>> high-performance chips. Instead they resort to using way more old and slow
>>> chips.
>> No. In space you need rad-hard chips.
>
> Who cares for what's used in space? Most of these chips are used on earth,
> for doing calculations on design or for steering.

Space was mentioned above three (3) times. The old but reliable designs
are used up there.

The secretaries at the NASA headquarters use the same kind of desktops
as anybody else. A computer doesn't become "aerospace" just by being
used by someone whose paycheck comes from NASA.

-- Lassi

Sebastian Gottschalk wrote:
> OK, and why should spacecraft designers care for computers that are only
> used on earth's ground?

Again, the word is reliability. Designs must be functionally well
proven AND use parts that are 'fully qualified'. Speed of computer
chip is not as important as design been well proven AND money already
spent to have a part 'fully qualified'.

Any complicated computations are better performed on earth.

Again, electronics for different environments - space, military, or
retail - have different parameters. Furthermore, most all electronics
is redundant. Function of an IC for military or aerospace is more
often a same function found previously in retail products. IC
certified for harsh environments may take many years to eventually be
'fully qualified'. By that time, hardware is considered obsolete in a
retail marketplace.

Meanwhile, a legacy from retail designs (ie hardware that is not
harmed by software) is later incorporated in those 'harsh environment'
designs. 'High tech' contains mostly legacy designs with a few
innovations. If a completely new design is defective (if software can
harm the hardware), then the concept called legacy corrects that
problem and verifies it does not happen again. Then hardware is ready
for other environments. Again, the word is reliability.

Lassi Hippeläinen wrote:
> Sebastian Gottschalk wrote:
>
> > w_tom wrote:
> >
> >> Sebastian Gottschalk wrote:
> >>>> For example, spacecraft don't use advanced Pentium processors.
> >>>> Spacecraft use 8086 or 68000 version processors that have been well
> >>>> proven in retail and commercial applications AND then were qualified
> >>>> (tested) for space operation.
> >>>
> >>> The main reason is that they're cheap.
> >>
> >> Apparently you have not worked in and meet requirements for aerospace.
> >> Getting a semiconductor 'fully qualitifed' is not cheap.
> >
> > Again: They could also use qualified and long-tested modern
> > high-performance chips. Instead they resort to using way more old and slow
> > chips.
>
> No. In space you need rad-hard chips. And it's not enough to package the
> chip better, you have to redesign the silicon to be tolerant to occasional
> charged particles that hit the chips anyway. The market for those chips is
> so small that you just can't get the latest and shiniest processors. In
> many cases you don't even need them. The bottleneck isn't processing power
> (except maybe in imaging), it's in communications.
>

The gov can't even get them to build one as part of some sort of
special contract
or something?

> -- Lassi

w_tom wrote:
> Sebastian Gottschalk wrote:
> > OK, and why should spacecraft designers care for computers that are only
> > used on earth's ground?
>
> Again, the word is reliability. Designs must be functionally well
> proven AND use parts that are 'fully qualified'. Speed of computer
> chip is not as important as design been well proven AND money already
> spent to have a part 'fully qualified'.
>

Oh, so it would cost too much then to have a fast processor built and
"fully
qualified"?

> Any complicated computations are better performed on earth.
>
> Again, electronics for different environments - space, military, or
> retail - have different parameters. Furthermore, most all electronics
> is redundant. Function of an IC for military or aerospace is more
> often a same function found previously in retail products. IC
> certified for harsh environments may take many years to eventually be
> 'fully qualified'. By that time, hardware is considered obsolete in a
> retail marketplace.
>
> Meanwhile, a legacy from retail designs (ie hardware that is not
> harmed by software) is later incorporated in those 'harsh environment'
> designs. 'High tech' contains mostly legacy designs with a few
> innovations. If a completely new design is defective (if software can
> harm the hardware), then the concept called legacy corrects that
> problem and verifies it does not happen again. Then hardware is ready
> for other environments. Again, the word is reliability.

w_tom wrote:
> Sebastian Gottschalk wrote:
> > OK, and why should spacecraft designers care for computers that are only
> > used on earth's ground?
>
> Again, the word is reliability. Designs must be functionally well
> proven AND use parts that are 'fully qualified'. Speed of computer
> chip is not as important as design been well proven AND money already
> spent to have a part 'fully qualified'.
>
> Any complicated computations are better performed on earth.
>
> Again, electronics for different environments - space, military, or
> retail - have different parameters. Furthermore, most all electronics
> is redundant. Function of an IC for military or aerospace is more
> often a same function found previously in retail products. IC
> certified for harsh environments may take many years to eventually be
> 'fully qualified'. By that time, hardware is considered obsolete in a
> retail marketplace.
>
> Meanwhile, a legacy from retail designs (ie hardware that is not
> harmed by software) is later incorporated in those 'harsh environment'
> designs. 'High tech' contains mostly legacy designs with a few
> innovations. If a completely new design is defective (if software can
> harm the hardware), then the concept called legacy corrects that
> problem and verifies it does not happen again. Then hardware is ready
> for other environments. Again, the word is reliability.

Oh, so durable military computers' hardware CANNOT be destroyed by
software, then? No way no how. It is impossible as in truly, utterly,
IMPOSSIBLE.

w_tom wrote:
> For a longest time, satellites, et al did not have computer
> (microprocessors) or even encryption. Satellites were a gentleman's
> game even during the Cold War. Most processing was performed on earth.
> A satellite had only enough intelligence to maintain itself for short
> periods. Electronics was the simplest and the least complex possible.
>
> Later, simple processors were installed only for station keeping -
> only to increase reliability. I suspect TDRSS (NASA's communication
> satellite system) may have been a first to use intelligent processing
> for data - satellite operating as a switch and not as a repeater.
> However that is the trend. Electronics in aerospace is the simplest,
> old, and well understood because reliability and being 'fully
> qualified' are so critical. To put something more advanced means there
> was no alternative. Only then was massive money spent to qualify a new
> part.
>
> When more processing power is required, an expensive process would be
> used to qualify a newer and yet well proven processor. So designers
> kept most intelligent functions on earth. Yes, slowly more robust
> processors make it into space. But rarely is anything 'state of the
> art' in aerospace. 'Reliability' is a far larger consideration which
> often means old and well proven hardware. Processing power of one
> astronaut's laptop is far more powerful than all Shuttle computers
> combined. That laptop need not be reliable. Those shuttle computers
> must be extremely reliable - and still they sometimes fail. Therefore
> the Shuttle has five computers making flight decisions. A poll
> determines which three will be believed. Again, it's about
> reliability and why those computers have so little processing power.
>
>
> Viruses that attack firmware have even been shipped (unknowingly) by
> the computer manufacturer. Such viruses, although rare, have been
> observed (and manufacturers don't like to talk about it). But again,
> no hardware damage.
>
> Cited previously was the case where a monitor signal too high in
> frequency could cause monitor damage. So yes, sometimes a designer
> does make a mistake, the lessons learned, and hardware fixed so that
> software cannot cause damage.
>
> We also built customized equipment where a software bug could cause
> relay damage. But again, this was customized equipment AND restricted
> users also had no access to embedded software. Software was embedded
> so that damage could not result from user programming. Even customized
> equipment makes hardware as resilient as possible to software failure
> or malware.
>
> The context is not such custom equipment. This context is consumer
> computers. Consumer electronics is designed so that software cannot
> harm hardware. Consumer equipment must be that 'idiot proof'.
>
> More complex and custom equipment can be harmed if the attacker has
> very specific engineering knowledge of that item; a specific item
> targeted. Specific engineering knowledge is what a virus writer must
> have to specifically attack firmware for a specific machine. These
> customized machines were designed so that software could not cause
> hardware damage. But then some functions might not be so robust
> because costs would be so high and because of the unique customized
> nature of its function. It is possible to put a virus into a robot so
> that robot destroys its own arms. But then good luck trying to do it.
> It is possible, but ....
>
> Supercomputers are a different environment. The days of customize
> hardware (ie Cray XMPs) are gone. Same processor chips built for
> commercial purposes now are used in supercomputers where numbers of
> processors - not specialized functions - are the objective. Most
> 'souped up' chips are sold in the market. An example: Sony Playstation
> 3. This new hardware is also challenging how software can utilize the
> power - creates a massive challenge to software engineers.
>
> Don't assume that because it is a nuclear missile, then it must have
> the most advanced electronics. Instead, it will have the most
> 'reliable' electronics. Each market has different parameter
> requirements. Sony Playstation 3 would be far too unreliable for
> aerospace use.
>

And nuclear missiles do not need gigantic high-power computers, so it
would be a waste of cash to get a "reliable", high-power processor
built, right? And everything is determined by the amount of available
money, and that money has to be spent wisely. Spending it on getting a
super-tough Pentium built would be a waste, when one could do fine
with something much slower.

> But consumer electronics is carefully designed so that software will
> not damage hardware. Computers are legacy designs where most of the
> machine is simply a faster version of the same thing done a decade ago.
> That legacy requirement is important because of what the market
> demands of consumer electronics - where everything is a black box and
> the retail 'computer expert' does not even know what a power supply
> does. In such markets, hardware is designed so that software (viruses,
> bugs, and mistakes) cannot damage hardware.
>

But in aerospace, etc. is the hardware used also just as impervious, if
not
more so, to software-induced destruction?

> mike4ty4@yahoo.com wrote:
> > So then, basically, it would be very difficult to write a virus that
> > could attack 95% of the firmware out there and thus require
> > 95% of infected systems to be sent back to the factory (which
> > is what I had in mind when I asked the original question -- a
> > virus that would demand factory return.), or have parts
> > replaced, etc., and almost impossible to damage hardware
> > physically with the virus, right?
> >
> > You mentioned about spacecraft not using advanced Pentium
> > processors, only 8086s. But what if they needed more
> > computing power? 8086 is a very slow processor and is only
> > useful for relatively simple things. Even though they might not
> > need it now, what if they do in the future?
> >
> > I also needed to know about the motivation to make the virus
> > thing, where I asked about the military. Could it be possible
> > that the military has a virus that can damage hardware or
> > otherwise mandate physical repair procedures?
> >
> > Also, though, for military computers used for doing complex
> > calculations or other intense activities, including
> > supercomputers, is it possible that the chip companies
> > manufacture "souped-up" chips for THOSE computers?

w_tom wrote:
> For a longest time, satellites, et al did not have computer
> (microprocessors) or even encryption. Satellites were a gentleman's
> game even during the Cold War. Most processing was performed on earth.
> A satellite had only enough intelligence to maintain itself for short
> periods. Electronics was the simplest and the least complex possible.
>
> Later, simple processors were installed only for station keeping -
> only to increase reliability. I suspect TDRSS (NASA's communication
> satellite system) may have been a first to use intelligent processing
> for data - satellite operating as a switch and not as a repeater.
> However that is the trend. Electronics in aerospace is the simplest,
> old, and well understood because reliability and being 'fully
> qualified' are so critical. To put something more advanced means there
> was no alternative. Only then was massive money spent to qualify a new
> part.
>
> When more processing power is required, an expensive process would be
> used to qualify a newer and yet well proven processor. So designers
> kept most intelligent functions on earth. Yes, slowly more robust
> processors make it into space. But rarely is anything 'state of the
> art' in aerospace. 'Reliability' is a far larger consideration which
> often means old and well proven hardware. Processing power of one
> astronaut's laptop is far more powerful than all Shuttle computers
> combined. That laptop need not be reliable. Those shuttle computers
> must be extremely reliable - and still they sometimes fail. Therefore
> the Shuttle has five computers making flight decisions. A poll
> determines which three will be believed. Again, it's about
> reliability and why those computers have so little processing power.
>
>
> Viruses that attack firmware have even been shipped (unknowingly) by
> the computer manufacturer. Such viruses, although rare, have been
> observed (and manufacturers don't like to talk about it). But again,
> no hardware damage.
>
> Cited previously was the case where a monitor signal too high in
> frequency could cause monitor damage. So yes, sometimes a designer
> does make a mistake, the lessons learned, and hardware fixed so that
> software cannot cause damage.
>
> We also built customized equipment where a software bug could cause
> relay damage. But again, this was customized equipment AND restricted
> users also had no access to embedded software. Software was embedded
> so that damage could not result from user programming. Even customized
> equipment makes hardware as resilient as possible to software failure
> or malware.
>
> The context is not such custom equipment. This context is consumer
> computers. Consumer electronics is designed so that software cannot
> harm hardware. Consumer equipment must be that 'idiot proof'.
>
> More complex and custom equipment can be harmed if the attacker has
> very specific engineering knowledge of that item; a specific item
> targeted. Specific engineering knowledge is what a virus writer must
> have to specifically attack firmware for a specific machine. These
> customized machines were designed so that software could not cause
> hardware damage. But then some functions might not be so robust
> because costs would be so high and because of the unique customized
> nature of its function. It is possible to put a virus into a robot so
> that robot destroys its own arms. But then good luck trying to do it.
> It is possible, but ....
>
> Supercomputers are a different environment. The days of customize
> hardware (ie Cray XMPs) are gone. Same processor chips built for
> commercial purposes now are used in supercomputers where numbers of
> processors - not specialized functions - are the objective. Most
> 'souped up' chips are sold in the market. An example: Sony Playstation
> 3. This new hardware is also challenging how software can utilize the
> power - creates a massive challenge to software engineers.
>
> Don't assume that because it is a nuclear missile, then it must have
> the most advanced electronics. Instead, it will have the most
> 'reliable' electronics. Each market has different parameter
> requirements. Sony Playstation 3 would be far too unreliable for
> aerospace use.
>
> But consumer electronics is carefully designed so that software will
> not damage hardware. Computers are legacy designs where most of the
> machine is simply a faster version of the same thing done a decade ago.
> That legacy requirement is important because of what the market
> demands of consumer electronics - where everything is a black box and
> the retail 'computer expert' does not even know what a power supply
> does. In such markets, hardware is designed so that software (viruses,
> bugs, and mistakes) cannot damage hardware.
>

So basically, you are saying that it depends on the system, consumer
systems are too difficult, and for more specialized things (like the
robot) it
would pretty much be a one-shot virus that wouldn't do great heaps of
damage, and thus would not be effective as a weapon except for very
specific circumstances (for example if your enemy was planning to
deploy the robot on you.). Not as a weapon of mass destruction, though,
which would have to be able to attack a great many different systems.

> mike4ty4@yahoo.com wrote:
> > So then, basically, it would be very difficult to write a virus that
> > could attack 95% of the firmware out there and thus require
> > 95% of infected systems to be sent back to the factory (which
> > is what I had in mind when I asked the original question -- a
> > virus that would demand factory return.), or have parts
> > replaced, etc., and almost impossible to damage hardware
> > physically with the virus, right?
> >
> > You mentioned about spacecraft not using advanced Pentium
> > processors, only 8086s. But what if they needed more
> > computing power? 8086 is a very slow processor and is only
> > useful for relatively simple things. Even though they might not
> > need it now, what if they do in the future?
> >
> > I also needed to know about the motivation to make the virus
> > thing, where I asked about the military. Could it be possible
> > that the military has a virus that can damage hardware or
> > otherwise mandate physical repair procedures?
> >
> > Also, though, for military computers used for doing complex
> > calculations or other intense activities, including
> > supercomputers, is it possible that the chip companies
> > manufacture "souped-up" chips for THOSE computers?

mike4ty4@yahoo.com wrote:
> Oh, so durable military computers' hardware CANNOT be destroyed by
> software, then? No way no how. It is impossible as in truly, utterly,
> IMPOSSIBLE.

You are asking for absolutes. Humans are not perfect. Some military
hardware is custom designed for other extreme situations so that some
standard features must be forgotten ... as posted earlier about custom
hardware and about robot arms. Stop asking for absolutes. They only
exist in a Rush Limbaugh world or where the executives are MBA school
graduates. Trends exists. You are demanding an executive summary
when many previous posts are the shortest answer possible.

Where software can damage hardware, in retail computer products, then
that is a major design failure. Remove any one word or take anything
out of context and the entire sentence is invalid. Your above
'executive summary' demonstrates how people get killed by management
who do not come from where the work gets done - and therefore needs
answers that ignore a long and necessary list of technical details.
They have little grasp of 'context' but somehow know they are
experts.

That 'executive summary' suggests maybe half of what was posted was
completely ignored - as is so common among executives who don't come
from where the work gets done. Learn why disasters (ie Columbia)
happen. The boss did as your above summary now does. That above
sentence therefore contains little of what was posted earlier - but is
exactly what the MBA school boss would do because he does not have dirt
under his fingernails. That above quoted paragraph has little in
common with what was posted.

mike4ty4@yahoo.com wrote:
> Oh, so it would cost too much then to have a fast processor built and
> "fully qualified"?

Little really 'costs too much'. You are looking for a single reason
in a world where many different factors must be applied simultaneously
- and put into perspective. Look - why would I use a 800 Mhz Pentium
when a 10 Mhz processor that is already 'fully qualified', that already
has some proven software that does something similar, whose performance
has already been tested in space, etc exists?

Yes we could spend $0.5 million to 'fully qualify' a faster
processor. But why? Implied is that you are inspired by faster
processor - or what Tim was so enthralled by in Home Improvement? You
are doing the same thing he mocks - "more power".

When that 800 Mhz processor function is necessary for space, then
eventually it will be flight qualified. Currently those larger
transistors in the 10 Mhz processor are well understood when exposed to
radiation, et al in space.

Sebastian Gottschalk wrote:
> And again you're ignoring where the real cost benefit comes from: Because
> those old processors are so cheap and mass-produced. The 0.5$ on certifying
> a new, faster processor are peanuts in comparison to production costs.

So you have no problem spending $0.5 million to have each part 'fully
qualified' for a couple of satellites? Do you have any idea how many
semiconductors parts are in a satellite? The math says your post is
nothing but complete denial. What is your point?

"w_tom" <w_tom1@usa.net> wrote in news:1163780861.563879.31950
@h54g2000cwb.googlegroups.com:

> mike4ty4@yahoo.com wrote:
>> Oh, so durable military computers' hardware CANNOT be destroyed by
>> software, then? No way no how. It is impossible as in truly, utterly,
>> IMPOSSIBLE.
>
> You are asking for absolutes. Humans are not perfect. Some military
> hardware is custom designed for other extreme situations so that some
> standard features must be forgotten ... as posted earlier about custom
> hardware and about robot arms. Stop asking for absolutes.

w_tom ALWAYS asks for absolutes when you try to counter what he says, so
why can not anyone ask him for absolutes ?

mike4ty4@yahoo.com wrote:
> Hi.
>
> Consider a hypothetical computer virus that would cause a CPU to
> overheat and burn up. Is this possible? Is it possible, through
> software, to get a CPU to overclock so far and the cooling fans to shut
> off completely, until it bursts? I've heard that modern CPUs can be

Any decent sort of hardware (especially ones with a BIOS overclocking
setting) has a thermal trip. if the cpu gets too hot, it will shut down
the system. Theoretically it would be possible if the system rom is
shadowed, to overwrite specific parts of the shadowed system rom (stored
in ram) with arbitrary code to mess with the fan speeds if dynamic fans
speeds are controlled by that, but it's very far fetched and would
probably only be damaging to one specific model of motherboard. And most
hardware has a hard-wired tripping anyway.

Just my 0.02 in there.

Ok, I noticed that this was a rather dead thread but in my very short research into such topics i stumbled across it as must have many other curious readers. To put a somewhat meaningful and final answer to the question, YES viruses CAN cause damage to your hardware. Granted, there have hardly been any seen that can. Writing the code is EXTREMELY complex and for any hacker to even WANT to do so is crazy and cost them hundreds of dollars in experimental fees (or they better have one hell of a warranty on there machine). I know several black hats and have done a touch of hacking/programming myself to say the least. Granted most of my endeavors are for knowledge purposes and to test the boundaries of what coding is possible. But to write the code to permanently damage a computer (in explanation) is simple.

What the "theoretical" virus must do:
Step 1: Over-clock the CPU from BIOS
Step 2: Disable fans
Step 3: Disable all protection in the BIOS.

Its that simple folks. What will result is your CPU overheating and causing many of the other wiring/circuitry to melt. A computer is relatively stupid, it runs with ON/OFF switches (1's and 0's) and if u turn on the switch that is supposed to be off its broke. The code that protects your computer from over-heating (simplified of course) basically reads "If CPU temp > 30 then shutdown PC" thats the basis for ur CPU overheating protection in the BIOS. If you wish to fry a computer thats how you would go about it. The reason something like this isn't created is because:

1) you cannot spread something like this....
2) There is nothing to be gained from it, hacking and virus making has become a HUGE profit organization and destruction is not profitable unless u gain access somewhere else and for something else so there is no point.

If you want more destruction, since i will never be back here odds are but at least others will learn that it is possible and maybe answer a few questions, to burn down a house (granted you have to know that there are flammable substances near by the computer) write a program to increase the wattage pull from all hardware devices (a BIOS control) and over-power the power supply and cause it to spark.

And in case you all wanted to know, im going to graduate college with a degree in computer science and go into the computer security field so you dont have to worry about things like this coming FROM me but be glad there are is at least myself, and hopefully others like myself, that can think like black hats and destructive people and be able to, hopefully, prevent things like this from happening to the rest of the world out there. :) with this essay written, i hope i have answered some questions for anyone else out there researching viruses and there destructive capability and goodbye :)

Unknown_ghost wrote:

> Ok, I noticed that this was a rather dead thread but in my very short
> research into such topics i stumbled across it as must have many other
> curious readers. To put a somewhat meaningful and final answer to the
> question, YES viruses CAN cause damage to your hardware. Granted, there
> have hardly been any seen that can. Writing the code is EXTREMELY
> complex and for any hacker to even WANT to do so is crazy and cost them
> hundreds of dollars in experimental fees (or they better have one hell
> of a warranty on there machine).


Nonsense. There is a free BIOS flashing utility written in Pascal that has
extensive documentation how BIOS flashing works on a wide variety of
chipset, so there's no need for testing. Even further, unless you overwrite
the boot block (which is possible on some chipsets), you can always do a
recovery flash.

> Step 1: Over-clock the CPU from BIOS

> Step 2: Disable fans

> Step 3: Disable all protection in the BIOS.
>
> Its that simple folks. What will result is your CPU overheating and
> causing many of the other wiring/circuitry to melt.


Since Pentium III and AMD's Athlon any chipset has been able to simply
shutdown the system due to overheat. Pentium IV and K8 are fully able to
trottle themselves down to not overheat at all.
And even on older chipsets an overheat will initially cause random code
execution, which easily leads to a triple fault and therefore to a soft reset.

> The code that protects your computer from over-heating (simplified of
> course) basically reads "If CPU temp > 30 then shutdown PC" thats the
> basis for ur CPU overheating protection in the BIOS.

Aside from the little detail that this is in SM Mode and done by the ACPI
firmware of the chipset, not the BIOS, this is complete nonsense. Overheat
protection is done via Machine Check Exception.

> 2) There is nothing to be gained from it, hacking and virus making has
> become a HUGE profit organization and destruction is not profitable
> unless u gain access somewhere else and for something else so there is
> no point.


Hint: Not everything in life is about profit. Some people harm others just
for fun.