The uber hack?
Kris Kapersky, who has written several books on hacking and secure programming as well as developed his own Internet security suite, has announced he has found the ultimate backdoor.
Now, this is not the first time an exploit of the intel chips has been announced. Way back in 1999 when Pentium IIIs where just coming on the scene, it was shown that the serial code of the chips could be retrieved without the consent or knowledge of the user. Those of us who prefer to surf the net anonymously, certainly did not like the idea of big brother tracking us by the chip serial number. Then there are those in other countries where the ability to surf anonymously is a necessity. Still, a rather benign flaw overall that was quickly forgotten.
Now comes the announcement that intel chips can be remotely exploited via tcp or javascript! What makes this so important is that it is OS independent. You could be running the most secured OS available...and it wouldn't matter. The details of the exploit aren't currently available, and Kapersky has decided that mums the word until the Hack In The Box Conference scheduled for October. I know I'm not the only one that will be VERY interested in seeing the details of the exploit.
This is the second bombshell exploit to be announced. The first being the Cisco IOS rootkit that was revealed at the EuroSecWest. Add to that the multi-vendor DNS vulnerability that was recently announced, and now an Intel exploit. Yup...this could end up being a very fun year for security engineers.
