Hardware Features can Undermine Software Security
A number of gaps in security exist at the boundary between system software and hardware. Unused hardware features or unexpected hardware behavior can result in system designs that are vulnerable to a wide range of attacks. I will present two projects that study such vulnerabilities by looking at this issue from an attacker's perspective.

First, I will describe Cloaker, a proof-of-concept rootkit that exploits hardware features to hide and operate. Cloaker targets devices such as cell phones and PDAs, which use ARM processors, and relies exclusively on manipulation of hardware state while eschewing any modifications to the operating system code or data. This results in an extremely stealthy rootkit that is immune to the vast majority of existing countermeasures.

Next, I will discuss the design of BootJacker, a tool that exploits the preservation of volatile memory across a forced computer restart in order to break into a live system protected by some form of software-based access control. BootJacker is executed upon a restart, and it revives the entire pre-existing system environment from the contents of memory while bypassing the access control mechanisms. This presents attackers with unrestricted access to the system, including any open secure connections such as web sessions, encrypted disks, or VPN connections.

Mitigation of these threats requires close cooperation between the system software and the underlying architecture. This topic is especially important considering the recent proliferation of advanced hardware features. System designers need to carefully analyze and identify such vulnerabilities before they make it into production systems.