Details of BIOS security, Re: Intel to include DRM in new Pentium 4 series processors

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue, 17 Sep 2002 14:38:52 +1200 (NZST)


Matthew Astley <lists-ukcrypto@fruitcake.demon.co.uk> writes:

>I would imagine cutting a track could protect the flash, if it were
>accessible, but that's a bit hairy for most!

Not necessarily (this is what Brian alluded to in his post).  Most flash
memory isn't dumb memory but has a built-in microsequencer which handles a
variety of simple commands.  You can't guarantee that, at the hardware level,
you've prevented all flash-damaging operations with only a write-protect
jumper, particularly since some devices may contain undocumented commands
(e.g. diagnostics) which you can't easily filter because you don't know they
exist.

However, these types of attacks are fairly sophisticated, so while you'd
expect someone thinking of attacking a crypto box would look at them, it's
unlikely a script kiddie aiming for the MSIE buffer overflow du jour would
bother.

Peter.
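To make the point about the microsequencer concrete, here is an added toy model in C. It is not code from the original post and does not model any real flash part: it implements a JEDEC-style command state machine (the standard 0xAA@0x5555 / 0x55@0x2AAA unlock cycles followed by the program 0xA0, erase-setup 0x80, chip-erase 0x10 and sector-erase 0x30 opcodes), puts a bus-level "write-protect" filter in front of it that mirrors the unlock sequence and drops the documented destructive opcodes, and adds a constructed opcode DIAG_ERASE as a stand-in for an undocumented diagnostic command. The device size, sector size, the filter design and DIAG_ERASE are all assumptions for illustration; the scenarios show the filter stopping the documented program and erase sequences while the command it has never heard of goes straight through to the sequencer.

```c
/* Toy flash microsequencer plus a bus-level write-protect filter.
 * Constructed example: not a model of any real part.  DIAG_ERASE is a
 * hypothetical undocumented opcode, invented here for illustration. */
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define FLASH_SIZE   0x8000u   /* assumed 32 KiB device */
#define SECTOR_SIZE  0x1000u   /* assumed 4 KiB sectors */
#define CMD_ADDR1    0x5555u   /* JEDEC command addresses */
#define CMD_ADDR2    0x2AAAu
#define CMD_PROGRAM      0xA0  /* documented opcodes */
#define CMD_ERASE_SETUP  0x80
#define CMD_CHIP_ERASE   0x10
#define CMD_SECTOR_ERASE 0x30
#define DIAG_ERASE       0xC7  /* hypothetical: erases addressed sector in one cycle */

enum seq_state { S_IDLE, S_UNLOCK1, S_UNLOCK2, S_PROGRAM,
                 S_ERASE_SETUP, S_ERASE_UNLOCK1, S_ERASE_UNLOCK2 };
struct flash { uint8_t mem[FLASH_SIZE]; enum seq_state st; };

static void flash_init(struct flash *f)
{ memset(f->mem, 0xFF, sizeof f->mem); f->st = S_IDLE; } /* erased = all ones */

static void erase_sector(struct flash *f, uint32_t addr)
{ memset(f->mem + (addr & ~(SECTOR_SIZE - 1)) % FLASH_SIZE, 0xFF, SECTOR_SIZE); }

/* One bus write cycle as interpreted by the chip's command sequencer. */
static void flash_write(struct flash *f, uint32_t addr, uint8_t data)
{
    switch (f->st) {
    case S_IDLE:    if (addr == CMD_ADDR1 && data == 0xAA) f->st = S_UNLOCK1; break;
    case S_UNLOCK1: f->st = (addr == CMD_ADDR2 && data == 0x55) ? S_UNLOCK2 : S_IDLE; break;
    case S_UNLOCK2:
        if (addr == CMD_ADDR1 && data == CMD_PROGRAM)          f->st = S_PROGRAM;
        else if (addr == CMD_ADDR1 && data == CMD_ERASE_SETUP) f->st = S_ERASE_SETUP;
        else if (data == DIAG_ERASE) { erase_sector(f, addr); f->st = S_IDLE; }
        else f->st = S_IDLE;
        break;
    case S_PROGRAM:  /* programming can only clear bits */
        f->mem[addr % FLASH_SIZE] &= data; f->st = S_IDLE; break;
    case S_ERASE_SETUP:
        f->st = (addr == CMD_ADDR1 && data == 0xAA) ? S_ERASE_UNLOCK1 : S_IDLE; break;
    case S_ERASE_UNLOCK1:
        f->st = (addr == CMD_ADDR2 && data == 0x55) ? S_ERASE_UNLOCK2 : S_IDLE; break;
    case S_ERASE_UNLOCK2:
        if (addr == CMD_ADDR1 && data == CMD_CHIP_ERASE) memset(f->mem, 0xFF, sizeof f->mem);
        else if (data == CMD_SECTOR_ERASE) erase_sector(f, addr);
        f->st = S_IDLE; break;
    }
}

/* "Write-protect jumper" modelled as a bus filter: it mirrors the unlock
 * sequence and drops the third cycle when it carries a documented
 * program/erase opcode.  It can only block commands it knows about. */
struct wp_filter { int seen; };   /* 0 idle, 1 saw AA, 2 saw AA then 55 */

static int filter_allows(struct wp_filter *w, uint32_t addr, uint8_t data)
{
    switch (w->seen) {
    case 0:  if (addr == CMD_ADDR1 && data == 0xAA) w->seen = 1; return 1;
    case 1:  w->seen = (addr == CMD_ADDR2 && data == 0x55) ? 2 : 0; return 1;
    default: w->seen = 0;
        if (addr == CMD_ADDR1 && (data == CMD_PROGRAM || data == CMD_ERASE_SETUP))
            return 0;             /* documented destructive entry: dropped */
        return 1;                 /* anything else passes unexamined */
    }
}

/* w == NULL models the jumper open (no filtering). */
static void bus_write(struct flash *f, struct wp_filter *w, uint32_t a, uint8_t d)
{ if (!w || filter_allows(w, a, d)) flash_write(f, a, d); }
static void unlock(struct flash *f, struct wp_filter *w)
{ bus_write(f, w, CMD_ADDR1, 0xAA); bus_write(f, w, CMD_ADDR2, 0x55); }
static void program_byte(struct flash *f, struct wp_filter *w, uint32_t a, uint8_t d)
{ unlock(f, w); bus_write(f, w, CMD_ADDR1, CMD_PROGRAM); bus_write(f, w, a, d); }
static void sector_erase(struct flash *f, struct wp_filter *w, uint32_t a)
{ unlock(f, w); bus_write(f, w, CMD_ADDR1, CMD_ERASE_SETUP);
  unlock(f, w); bus_write(f, w, a, CMD_SECTOR_ERASE); }
static void diag_erase(struct flash *f, struct wp_filter *w, uint32_t a)
{ unlock(f, w); bus_write(f, w, a, DIAG_ERASE); }

/* Filter on: documented program sequence is blocked, byte stays erased. */
int documented_program_blocked(void)
{ struct flash f; struct wp_filter w = {0}; flash_init(&f);
  program_byte(&f, &w, 0x2000, 0x34); return f.mem[0x2000] == 0xFF; }

/* Filter on: documented sector erase is blocked, programmed data survives. */
int documented_erase_blocked(void)
{ struct flash f; struct wp_filter w = {0}; flash_init(&f);
  program_byte(&f, NULL, 0x1000, 0x12); sector_erase(&f, &w, 0x1000);
  return f.mem[0x1000] == 0x12; }

/* Same filter: the hypothetical undocumented opcode erases the sector anyway. */
int undocumented_erase_passes(void)
{ struct flash f; struct wp_filter w = {0}; flash_init(&f);
  program_byte(&f, NULL, 0x1000, 0x12); diag_erase(&f, &w, 0x1000);
  return f.mem[0x1000] == 0xFF; }

int main(void)
{
    printf("program blocked: %d, erase blocked: %d, undocumented passes: %d\n",
           documented_program_blocked(), documented_erase_blocked(),
           undocumented_erase_passes());
    return 0;
}
```

The lesson is the one in the post: the chip acts on what its sequencer recognises, not on what the external filter recognises, so a blacklist of known command cycles only protects against the commands you already know exist.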