Cybersecurity

6552 readers

290 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

183

Undocumented backdoor found in Bluetooth chip used by a billion devices (www.bleepingcomputer.com)

submitted 1 day ago* (last edited 1 day ago) by neme@lemm.ee to c/cybersecurity@sh.itjust.works

32 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] grue@lemmy.world 42 points 1 day ago* (last edited 1 day ago) (2 children)

Maybe, maybe not. Keep in mind that opcodes are the lowest-level part of the programming stack. They're literally just integers transmitted on the system bus. So if you've got, for example, 35 operations that you're actually trying to implement, you need 2^n^ ≥ 35 or n = 6 signal lines in your bus to transmit it. But since 2^6^ = 64, that means it's possible to put another 29 values on that 6-bit bus, with completely undefined behavior unless you go out of your way to handle them in the instruction decoder (increasing the size and therefore cost of your silicon, which is very undesirable in an embedded chip that sells for less than $1).

It is not at all implausible for one of those undefined instructions to just happen to do something that an attacker would find useful, by sheer coincidence.

[–] olafurp@lemmy.world 3 points 1 day ago (1 children)

Couldn't they just designate them as no-op codes?

[–] dave@feddit.uk 13 points 1 day ago

Yes, but to do that they have to be decoded and handled. That's basically what the commenter above was saying.

The original 6502 had many undocumented opcodes for this reason, and developers stated exploiting them for various reasons. The CMOS 65C02 redefined them to no-op. This has been going on a long time.

[–] sunzu2@thebrainbin.org 1 points 1 day ago (1 children)

It is not at all implausible for one of those undefined instructions to just happen to do something that an attacker would find useful, by sheer coincidence.

It amazing how there is an endless supply of these "coincidence"

[–] grue@lemmy.world 27 points 1 day ago

Well, yeah. That's because it's inherent to how CPUs work. Every single CPU on the planet has undefined opcodes, unless the number of defined ones just happens to be a power of two.