Research Inches Toward Processor-Specific Malware 155
chicksdaddy writes "The Windows/Office/IE monoculture is disappearing faster than equatorial glaciers — Mac OS X and iOS, Linux and Android ... and whole new application ecosystems to go with each. That's bad news for malware authors and other bad guys, who count on 9.5 out of 10 systems running Windows and Microsoft applications to do their magic. What's the solution? Why, hardware specific hacks, of course! After all, the list of companies making CPUs is far smaller than, say, the list of companies making iPhone applications. Malware targeting one or more of those processors would work regardless of what OS or applications were installed. There's just one problem: its not easy to figure out what kind of CPU a device is running. But researchers at France's Ecole Superiore d'Informatique, Electronique, Automatique (ESIEA) are working on that problem. Threatpost.com reports on a research paper that lays out a strategy for fingerprinting processors by observing subtle differences in the way they perform complex floating point calculations. The method allows them to distinguish broad subsets of processor types by manufacturer, and researchers plan to refine their methods and release a tool that can make specific processor fingerprinting a snap."
Re:Phew i'm good. (Score:3, Informative)
I hate to ask, but... (Score:4, Informative)
Do you actually work in corporate IT? Windows XP and IE6/7 dominate. Apple has little hope of taking hold in anything bigger than the art department at Comcast, and Linux is what the geekiest artist-type there uses at home.
I'm not advocating Windows... I'm simply pointing out that they are not going anywhere.
Re:Obligatory intel bashing (Score:3, Informative)
This depends apparently on your programming language. I know the .00000001 has to do with decimal to binary conversion which introduces this kind of errors. Anyway I just tried this in Python, and got a different result:
>>> 4195835*3145727/3145727
4195835L
>>> 4195835*3145727/3145727 == 4195835
True
>>> 4195835*3145727/3145727 == 4195835.00000001
False
>>>
Re:Apple has even less hope now (Score:3, Informative)
Personally I see Apple's strong point as the user interface, and the design of the cases they put their hardware in. Neither are important for servers.
A server has to sit in a corner, fit nicely so square (or for bigger setups: rackable) is preferred. Most of them don't have a monitor attached so a GUI is also unwanted.
Then what reason is there to pay an Apple price for a server?
Microsoft has a similar problem: their strong point is also the user interface, as that's what Windows is about after all. Windows is a desktop oriented OS, with server capabilities tacked on to it.
ESIEA is not "Superiore" but "Supérieure" (Score:2, Informative)
ESIEA is "École Supérieure d'Informatique, Électronique, Automatique".
With "supérieure", not "superiore" (which is, maybe, Italian?). Please also note the usage of the accents on some of the letters (even the capitals, as allowed in French, even if some of the French people do not know their usage (!))
Merci.
(A verbatim translation of ESIEA would give something like "High School for Computer Science, Electronic and Control Engineering", however, an "École Supérieure" in France is more like a college in the US, not an high school.)
Re:Do it from Javascript (Score:3, Informative)
While your premise is correct, your conclusion is not. Downclocking wasn't added to CPUs to save electricity, but to reduce temperature. Saving electricity is a side effect.
Downclocking was first added to mobile CPUs, and you can rest assured it was to save electricity (= battery).
Re:Huh? (Score:3, Informative)
And even in your house PPC isn't dead. All current generation consoles use PPC processors.