This chapter is from the book
16.7 Project Ideas
- In Section 16.1.1, we noted that a colleague insists that it’s impossible to read data from disks once the cells themselves have been overwritten. Nonetheless, rumors persist (e.g., "just hack the disk controller code to change the head alignment so it reads the edges of the tracks instead!"). Prove our colleague wrong!
- In Section 16.2.1, we discussed how an attack that forces the CPU to take one direction of the branch—whether or not it’s correct—could let the adversary subvert the correctness of the system. Can you find some real code examples of this?
- Learn a bit about how dongles are used to protect software. Can you think of ways to break them? Can you design a better scheme?
- Implement modular exponentiation for 1024-bit integers on a 32-bit machine. Time the result of your software-only implementation, and compare it to numbers given by your favorite cryptographic accelerator’s hardware implementation.
- Assume that we had a TPM whose PCRs used MD5 as a hash algorithm instead of SHA1. Knowing that MD5 has some problems (see Chapter 8), think about ways that you can exploit MD5 weaknesses to hack a TPM.
- Sketch a design for new CPU interfaces that would make it easier to determine what code was being executed in what context. (Extra credit: Prototype your design with OpenSPARC.)
- One popular use of virtualization is in Linux honeypots that rely on user-mode linux (UML). Design (and code, for extra credit) a red pill to determine whether your program is running on UML. How does "real" virtualization (i.e., under the OS) improve the situation?