Date: Thu, 12 Jun 2008 01:55:43 -0700
From: perryh@pluto.rain.com
To: wojtek@wojtek.tensor.gdynia.pl, daf@freebsd.org
Cc: naylor.b.david@gmail.com, freebsd-questions@freebsd.org
Subject: Re: FreeBSD and User Security
Message-Id: <4850e48f.OySiv66mGU2z+ZMS%perryh@pluto.rain.com>
In-Reply-To: <20080612093739.J2278@wojtek.tensor.gdynia.pl>
References: <20080611210313.6D88F8FC1C@mx1.freebsd.org> <20080612093739.J2278@wojtek.tensor.gdynia.pl>

> > It is my understanding that since 1995 all computers must have
> > a hardware back door that permits undetectable access by the
> > government to the computer. This capability can be implemented
> > using System Monitor(Maintenance) Mode which is built into all
> > x86 computers now. It would appear that, if you are connected
> > to the internet, the government has access to your computer.
>
> if it were true, this "system maintenance mode" would have to
> access your network card in parallel with main OS without making
> conflicts

A near-trivial exercise in virtualization, provided it knows
what kind of card is in use and what addresses it occupies,
which is rather easy if the "card" is in fact built onto the
mainboard.

Of course, it is also trivial to defeat it by using an add-in
card instead of the one on the mainboard, esp. a card whose
design did not exist when the bios was written.

Cycles consumed by SMM might also explain why some PCs' clocks
seem to run slower than real time ...