Mustang
02-24-06, 07:22 PM
Okay,
it is nice to see the Anti-SF campaign run about and tell people what things MIGHT DO. Well I figure for the heck of it I'd tell what things DO, DO!
First off what is the Ring 0 Protection Ring?
A protection ring is one of two or more hardware-enforced levels of privilege within the architecture of a computer CPU. Rings were among the more revolutionary and visible concepts introduced by the Multics operating system, a highly secure predecessor of today's UNIX family of operating systems (however, most UNIX systems have dropped the ring architecture). Many modern CPU architectures (including the popular Intel x86 architecture) include some form of ring protection, although operating systems do not always fully exploit it.
Description
Rings are arranged in a hierarchy from most privileged (most trusted, usually numbered zero) to least privileged (least trusted, usually with the highest ring number). The original Multics system had eight rings, but many modern systems have fewer. The hardware is aware of the current ring of the executing instruction thread at all times, thanks to special machine registers. In some systems, areas of virtual memory are also assigned ring numbers in hardware, and/or the most privileged ring is given special capabilities (such as real memory addressing that bypasses the virtual-memory hardware).
The hardware severely restricts the ways in which control can be passed from one ring to another, and also enforces restrictions on the types of memory access that can be performed across rings. Typically there is a special gate or call instruction that transfers control in a secure way towards predefined entry points in lower-level (more trusted) rings; this functions as a supervisor call in many operating systems that use the ring architecture. The hardware restrictions are designed to limit opportunities for accidental or malicious breaches of security.
Ring protection can be combined with processor modes (master/kernel/privileged mode versus slave/user/unprivileged mode) in some systems. Operating systems running on hardware supporting both may use both forms of protection or only one.
Effective use of ring architecture requires close cooperation between hardware and the operating system. Operating systems designed to work on multiple hardware platforms may make only limited use of rings if they are not present on every supported platform. Often the security model is simplified to "kernel" and "user" even if hardware provides finer granularity through rings.
The above is copied verbatim from Wkikpedia(ain't pleadgerism fun!), it gives a good description of what Rings are. Things it fails to note is Ring 0 has many names, among some them are, "The HAL TUBE, HAL's GATEWAY, KERNAL MODE, and the HardWare Tunnel."
What is HAL?
Well someone obviously didn't see 2001 a Space Odyssy or they did and decided it would be funny to put a little HAL into everyone's PC.
Usually If something messes up I blame HAL and just hope he doesn't reply with calling me Dave. Hal is Short for hardware abstraction layer, programming in an operating system that functions as an interface between a system’s hardware and software, providing a consistent hardware platform on which to run applications. When a HAL is employed, applications do not access hardware directly but access the abstract layer provided by the HAL. Like APIs, HALs allow applications to be device-independent because they abstract information from such systems as caches, I/O buses and interrupts and use this data to give the software a way to interact with the specific requirements of the hardware on which it is running.
This means on a windowsXP OS all the programs of your computer USE HAL to communicate to your hardware and vice versa. HAL has ring 0 which means it has unlimited access to all of your computer's resources, this is so the applications do not need to access the hardware directly and that HAL can access whatever it need to accomplish the tasks it is given.
So HAL is a good thing to want to give ring 0 because without it, it would be limited and most hardware on your mahcine would run improperly or not at all.
What else uses Ring 0?
Firewalls use ring 0 to override certain hardware so that it stops all traffic to and from your computer whenever you engage the security lock.
Bluetooth Software, I believe uses it in order to override hardware settings from the settings control panels.
I'm sure there are others but this post is long enough as is.
What I'm saying here is that 'Ring 0' has been the way in which CPUs have secures computers since windows NT, its in the CPU as a means to permit and deny access to trusted or untrusted applications. The ring system has been around for a while, ans has been vulnerable ever since the first published buffer overflow exploit for Windows, so no need to start panicing about it now.
as for starForce it has Ring 0, in my opinion, I think that's way too much access for a commercial software other then a firewall. But here's the thing. A hacker has to get passed your firewall in order to even try to use SF's ring status and in order to circumvent your firewall he'd already have access to your computer from your firewall, so it would be pointless for him to want SFs too because in a sense once he's passed your FireWall he already has ring 0. My suggestion, find a CPU that dosn't use this system of control, the ring system is old and as with all technology becoming more and more vulnerable as it ages on.
Me, I'll just wait for the new CELL CHIP coming out.
it is nice to see the Anti-SF campaign run about and tell people what things MIGHT DO. Well I figure for the heck of it I'd tell what things DO, DO!
First off what is the Ring 0 Protection Ring?
A protection ring is one of two or more hardware-enforced levels of privilege within the architecture of a computer CPU. Rings were among the more revolutionary and visible concepts introduced by the Multics operating system, a highly secure predecessor of today's UNIX family of operating systems (however, most UNIX systems have dropped the ring architecture). Many modern CPU architectures (including the popular Intel x86 architecture) include some form of ring protection, although operating systems do not always fully exploit it.
Description
Rings are arranged in a hierarchy from most privileged (most trusted, usually numbered zero) to least privileged (least trusted, usually with the highest ring number). The original Multics system had eight rings, but many modern systems have fewer. The hardware is aware of the current ring of the executing instruction thread at all times, thanks to special machine registers. In some systems, areas of virtual memory are also assigned ring numbers in hardware, and/or the most privileged ring is given special capabilities (such as real memory addressing that bypasses the virtual-memory hardware).
The hardware severely restricts the ways in which control can be passed from one ring to another, and also enforces restrictions on the types of memory access that can be performed across rings. Typically there is a special gate or call instruction that transfers control in a secure way towards predefined entry points in lower-level (more trusted) rings; this functions as a supervisor call in many operating systems that use the ring architecture. The hardware restrictions are designed to limit opportunities for accidental or malicious breaches of security.
Ring protection can be combined with processor modes (master/kernel/privileged mode versus slave/user/unprivileged mode) in some systems. Operating systems running on hardware supporting both may use both forms of protection or only one.
Effective use of ring architecture requires close cooperation between hardware and the operating system. Operating systems designed to work on multiple hardware platforms may make only limited use of rings if they are not present on every supported platform. Often the security model is simplified to "kernel" and "user" even if hardware provides finer granularity through rings.
The above is copied verbatim from Wkikpedia(ain't pleadgerism fun!), it gives a good description of what Rings are. Things it fails to note is Ring 0 has many names, among some them are, "The HAL TUBE, HAL's GATEWAY, KERNAL MODE, and the HardWare Tunnel."
What is HAL?
Well someone obviously didn't see 2001 a Space Odyssy or they did and decided it would be funny to put a little HAL into everyone's PC.
Usually If something messes up I blame HAL and just hope he doesn't reply with calling me Dave. Hal is Short for hardware abstraction layer, programming in an operating system that functions as an interface between a system’s hardware and software, providing a consistent hardware platform on which to run applications. When a HAL is employed, applications do not access hardware directly but access the abstract layer provided by the HAL. Like APIs, HALs allow applications to be device-independent because they abstract information from such systems as caches, I/O buses and interrupts and use this data to give the software a way to interact with the specific requirements of the hardware on which it is running.
This means on a windowsXP OS all the programs of your computer USE HAL to communicate to your hardware and vice versa. HAL has ring 0 which means it has unlimited access to all of your computer's resources, this is so the applications do not need to access the hardware directly and that HAL can access whatever it need to accomplish the tasks it is given.
So HAL is a good thing to want to give ring 0 because without it, it would be limited and most hardware on your mahcine would run improperly or not at all.
What else uses Ring 0?
Firewalls use ring 0 to override certain hardware so that it stops all traffic to and from your computer whenever you engage the security lock.
Bluetooth Software, I believe uses it in order to override hardware settings from the settings control panels.
I'm sure there are others but this post is long enough as is.
What I'm saying here is that 'Ring 0' has been the way in which CPUs have secures computers since windows NT, its in the CPU as a means to permit and deny access to trusted or untrusted applications. The ring system has been around for a while, ans has been vulnerable ever since the first published buffer overflow exploit for Windows, so no need to start panicing about it now.
as for starForce it has Ring 0, in my opinion, I think that's way too much access for a commercial software other then a firewall. But here's the thing. A hacker has to get passed your firewall in order to even try to use SF's ring status and in order to circumvent your firewall he'd already have access to your computer from your firewall, so it would be pointless for him to want SFs too because in a sense once he's passed your FireWall he already has ring 0. My suggestion, find a CPU that dosn't use this system of control, the ring system is old and as with all technology becoming more and more vulnerable as it ages on.
Me, I'll just wait for the new CELL CHIP coming out.