> I'd love to hear from any alums (danluu?) what the purpose of the coprocessor is.
Absolutely agree there, I can imagine it being ridiculously interesting.
But the truth might also be equal parts boring and scary instead. I mean...
> The backdoor allows ring 3 (userland) code to circumvent processor protections to freely read and write ring 0 (kernel) data. While the backdoor is typically disabled (requiring ring 0 execution to enable it), we have found that it is enabled by default on some systems.
> The core executes these commands (which we call the 'deeply embedded instruction set'), bypassing all memory protections and privilege checks.
> The rosenbridge backdoor is entirely distinct from other publicly known coprocessors on x86 CPUs, such as the Management Engine or Platform Security Processor; it is more deeply embedded than any known coprocessor, having access to not only all of the CPU's memory, but its register file and execution pipeline as well.
This is enough anti-plausible-deniability that I can just sweepingly point everybody in the direction of the big fat (flashing!) elephant in the room and the "..." sitting next to it.
I mean, VIA didn't have as much success as Intel or AMD, but they are a known name. Anything that implements x86 is going to have market penetration to some extent, and VIA achieved success in the industrial and embedded sectors.
If danluu was able to comment here and debunk what I'm saying, I would be both very surprised and even more delighted.
Absolutely agree there, I can imagine it being ridiculously interesting.
But the truth might also be equal parts boring and scary instead. I mean...
> The backdoor allows ring 3 (userland) code to circumvent processor protections to freely read and write ring 0 (kernel) data. While the backdoor is typically disabled (requiring ring 0 execution to enable it), we have found that it is enabled by default on some systems.
> The core executes these commands (which we call the 'deeply embedded instruction set'), bypassing all memory protections and privilege checks.
> The rosenbridge backdoor is entirely distinct from other publicly known coprocessors on x86 CPUs, such as the Management Engine or Platform Security Processor; it is more deeply embedded than any known coprocessor, having access to not only all of the CPU's memory, but its register file and execution pipeline as well.
This is enough anti-plausible-deniability that I can just sweepingly point everybody in the direction of the big fat (flashing!) elephant in the room and the "..." sitting next to it.
I mean, VIA didn't have as much success as Intel or AMD, but they are a known name. Anything that implements x86 is going to have market penetration to some extent, and VIA achieved success in the industrial and embedded sectors.
If danluu was able to comment here and debunk what I'm saying, I would be both very surprised and even more delighted.