Hacking Like It's 1981
Back in July, I encountered a bit of weirdness in the way that the ZX81 addresses RAM when it only has a single kilobyte. I was reminded of this listening to the latest episode of Risky Business, which reported on an interesting and decidedly 21st-century attack.
AMD’s recent processors offer SEV, a suite of features to protect Virtual Machines from compromise even when the attacker (say, a cloud hosting provider) has physical access to the processor. The BadRAM attack undermines a key plank of this in a pleasingly straightforward way, by causing the system to report that it has twice as much RAM as it actually has. Just as with the ZX81, the additional bit of the address (just the one in this case) is ignored, meaning each physical location can be referenced by two addresses. One of these is correctly protected by SEV, but the other is up for grabs.
It’s some fascinating security research in its own right, but also highlights the similarity of computers today and those of forty (and more) years ago. We’ve added many layers of capability and complexity, and scaled up by orders of magnitude on every axis, but underneath all of that many of the fundamentals are unchanged. Understanding those fundamentals is still important.
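
The aliasing described above, as a small C simulation added here for illustration (it is not code from the BadRAM research or from this post): a toy memory that decodes only `REAL_BITS` address bits, a stand-in access check keyed on the address alone, and a probe that reports which claimed address bit is being ignored. All names, sizes and addresses are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>

#define REAL_BITS 10                      /* constructed: 1 KiB of real cells */
static uint8_t cells[1u << REAL_BITS];

/* A module that ignores every address bit above REAL_BITS, as the post describes. */
static uint8_t mem_read(uint32_t addr)             { return cells[addr & ((1u << REAL_BITS) - 1)]; }
static void    mem_write(uint32_t addr, uint8_t v) { cells[addr & ((1u << REAL_BITS) - 1)] = v; }

/* Toy access check keyed on the address alone (hypothetical stand-in for a
 * per-address protection). Returns -1 if denied, 0 if the read was allowed. */
static int guarded_read(uint32_t addr, uint32_t prot_lo, uint32_t prot_hi, uint8_t *out) {
    if (addr >= prot_lo && addr < prot_hi) return -1;
    *out = mem_read(addr);
    return 0;
}

/* Probe each claimed address bit: if a write at (1 << k) changes what address 0
 * returns, bit k is not decoded. Returns the lowest ignored bit, or -1 if every
 * claimed bit selects distinct storage. Restores the bytes it touches. */
static int lowest_ignored_bit(unsigned claimed_bits) {
    uint8_t saved0 = mem_read(0);
    int found = -1;
    for (unsigned k = 0; k < claimed_bits && found < 0; k++) {
        uint32_t probe = 1u << k;
        uint8_t saved = mem_read(probe);
        mem_write(0, 0x55);
        mem_write(probe, 0xAA);
        if (mem_read(0) == 0xAA) found = (int)k;   /* the write landed on address 0 */
        mem_write(probe, saved);
    }
    mem_write(0, saved0);
    return found;
}

int main(void) {
    uint8_t v = 0;
    mem_write(0x020, 0x42);               /* byte inside the protected range */
    printf("direct read: %d\n", guarded_read(0x020, 0x000, 0x100, &v));
    printf("alias read:  %d (0x%02x)\n", guarded_read(0x420, 0x000, 0x100, &v), v);
    printf("lowest ignored bit, 11 claimed: %d\n", lowest_ignored_bit(REAL_BITS + 1));
    return 0;
}
```

The probe is the useful part for a defender: a memory size claim can be tested by checking that each claimed address bit actually selects different storage, rather than trusting what the module reports.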