mark at livecode.com
Mon May 15 13:00:24 CEST 2017
On 2017-05-13 19:05, Richmond Mathewson via use-livecode wrote:
> You cannot send a virus to a BBC because the whole system resides on a
> ROM chip!
Not true - if you have any persistent storage attached to a system (e.g.
your winchester disk),
and that system interacts with data which comes from outside (via the
DIMM port) then 'all' an
attacker needs to do is find a vulnerability in the code which executes
when receiving data
on that port allowing arbitrary code to be executed (which would be
hidden in the message), and
find a place it can inject itself onto your persistent storage which is
loaded into memory
and executed and the rest is history...
Of course, the amount of return you'd get on trying to hack such ancient
setups is probably
zero so you are probably fine.
However, lots of legacy systems still run mission critical
infrastructure around the globe
so age of systems has nothing to do with vulnerability - as soon as it
connects to any external
information source whether it be humans, or the internet there is
For example there was a whole raft of virii on Acorn Archimedes machines
- usually distributed
via tweaking the boot record of floppy discs to inject malicious code;
and around the same time
MS had to do something about AutoRun - which was the source of a great
deal of viral infections
when people handed around USB sticks without thinking.
Mark Waddingham ~ mark at livecode.com ~ http://www.livecode.com/
LiveCode: Everyone can create apps
More information about the use-livecode