Úvodní stránka » Nezařazené » Samsung rc710 Battery all-laptopbattery.com

Samsung rc710 Battery all-laptopbattery.com

For example, the SMM code controls the power to the motherboard hardware when the user wants to put her computer to sleep or wake it up. It emulates a PS/2 keyboard when only a USB one is plugged in. It quietly deals with chipset errata – in other words, if an operating system or hypervisor attempts to access buggy motherboard hardware, the SMM will intercept the request and make it all work as expected in software.All this happens transparently to the other rings: code running in SMM is invisible to the rest of the computer, and it has complete control over the hardware and firmware. It is the real sysadmin of your PC. Taking control of this janitor means taking control of everything.The SMM code reserves a small chunk of your PC’s RAM to store its variables and other private data, and all other rings are forbidden by the motherboard hardware from accessing it. That chunk starts at 0x1FF80000, or half way between the 511MB and 512MB marks in your physical RAM. Any attempt to access that portion of memory from software running outside the SMM is blocked by the Memory Controller Hub on your motherboard.

Back in around 1993, Intel introduced its Advanced Programmable Interrupt Controller (APIC), which, as its name suggests, manages interrupts coming into a processor. Interrupts are electrical pulses generated by the hardware telling the CPU to stop what it’s doing, and sort out this urgent thing instead. It might be a countdown timer that’s hit zero, or a hard drive finishing a data transfer command, etc. Most of the time, a driver is ultimately summoned to deal with the interrupt before the CPU continues with what it was doing.The APIC is a split design: there’s a local APIC for each processor core on the motherboard, and usually one IO APIC. The IO APIC hooks up with the hardware, and routes interrupt signals to the local APICs, which decide whether or not to interrupt their core and also pass messages between cores.These local APICs were introduced as discrete chips (the 82489DX). Starting with the Pentium P54C in 1994, the local APICs were built into the actual processor. The local APICs’ control registers – internal variables that configure how they work – were mapped into the processor’s physical memory map starting from 0xFEE00000 and 0xFEE01000. That means operating system software could find and talk to a core’s local APIC at those memory addresses.

When the Pentium Pro (a P6 family chip) arrived in 1995, Intel allowed kernel-level developers to reprogram the local APIC so that it would appear elsewhere in physical memory. This was handy for moving the local APIC out of the way of low-level software that expected to use that high 0xFEE00000 address for something else.By using the wrmsr instruction, the operating system developer can configure a processor core to move its local APIC to anywhere in memory. Just write the new physical memory address to the processor’s model specific register 0x001b.Yes, anywhere in physical memory. Like say, where the SMM code stores its hidden private data.By mapping the local APIC to 0x1FF80000, or thereabouts, it will overlap the SMM’s private chunk of RAM. Now when the SMM is triggered into action by a special interrupt called an SMI, the CPU will stop what it’s doing, switch to the SMM in ring -2, and execute its code. While running, the SMM’s interrupt handler will want to use its private data in memory – except, it won’t be accessing its hidden chunk of RAM, it’ll be reading from the local APIC’s internal registers instead. And we can control those registers, and use them to feed specially crafted data into the SMM to hijack it.

So now we’ve seen how it works: force the powerful SMM code, the sysadmin of your PC, into reading from and writing to memory we more or less control. The next steps are easy, right? No. The local APIC’s configuration registers are all over the place: there are huge gaps in its memory map where we can’t control the contents. Reading from it returns a zero more than 99 per cent of the time.Effectively, all we’ve got a 4KB page of zeroes that we can slap over the SMM code’s private memory. Writing to it is pointless. Domas called it a memory sinkhole. The situation looked hopeless.So Domas looked through Intel’s sample SMM code, which is provided to firmware vendors to bake into motherboards. It turns out that pretty much all vendors use Intel’s template SMM code.This template code relies on a crucial data structure, the size and address of which is stored at 0x1FF8A000 in memory: a structure called the Global Descriptor Table (GDT). This table is a throwback from the 1980s. All operating systems need a GDT to do anything useful, because it tells the processor where data and executable code, among other things, are allowed in memory.

When the SMM code is entered from an SMI interrupt, it loads its GDT into the processor by giving it the size and address at 0x1FF8A000. By positioning the sinkhole over where the SMM code expects to read its GDT pointer, the processor will read zero. Before triggering the interrupt, you just make sure a table of our own devising is placed at address zero, and the CPU will load our GDT in SMM mode.After that, we can redirect execution to somewhere more comfortable in memory while remaining in ring -2. Now we’re running the show and not the hidden janitor. We can install our rootkit permanently in the firmware, so even if the hard drives are wiped and the apps and operating system reinstalled, it can be revived.Exactly how this last part is done, we’ll leave as an exercise for the reader. Domas has provided some sample code showing how to reprogram the APIC’s physical address.

Again, this is fixed in Intel chips made from January 2011; you can’t move the local APIC over the SMM’s protected area. Virtual machines, whether they are in the cloud or on your desktop, cannot exploit this vulnerability (unless your virtual machine manager is braindead insecure and allows guest operating systems to remap real hardware). Techniques, such as monitoring the processor cycle counter, can be used to sniff out hidden rootkits: cycles stolen by the stealth malware will show up to application software.You must have root or administrator-level access to a machine to exploit this chip bug; a malicious driver, or a program exploiting a privilege escalation flaw in an operating system, can abuse this Intel hardware vulnerability (assuming it’s not running inside a virtual machine.)So the sky is not falling in, but it is rather irritating, and people should be warned. As said earlier, what’s truly at risk is old office PCs kicking around, or that loyal pre-Sandy Bridge Linux server you can’t be bothered to decommission and replace.Domas hasn’t tried the attack on AMD processors. El Reg hopes the chip biz also spotted the design flaw. Intel has issued software fixes for its server motherboard families S5500HC and S5500HCT, and workstation board family S5520SC, to mitigate "a method that enables malicious code to gain access to System Management Mode (SMM)."

"There are hundreds of millions of computers out there that can’t be fixed," Domas told the Black Hat conference. "Intel has been great about this, and published some firmware updates, but really, for some systems, this is unpatchable." Intel is putting its Xeon processors into laptops for the first time, ushering in what it hopes will be a significant performance boost and marketing opportunity.This is not only because the CPU is faster but also because they will feature the faster Thunderbolt 3 system, with palindromic USB Type-C ports that support the full 10Gbps USB 3.1 Gen 2 transfer speed.Xeons were originally designed for workstations, but Intel explains that its seeing increasing demand from “designers, content creators, engineers and architects”, in particular the need to support 4k video.It’s a vibrant part of the moribund laptop market as people move from sylphlike laptops to either tablets or to notebooks with more power. With desktop sales also tanking, it’s the logical move for Intel.The Chipzilla quotes IDC’s most recent report on mobile workstation usage which showed that the quarter ending in June 2015 was the sixth straight quarter of year-over-year mobile workstation unit growth.

The new chips are the Intel Xeon Processor E3-1500M v5 Product Family, based on the next gen Skylake architecture.The Mobile Xeon has error-correcting code memory that automatically detects and repairs errors on-the-fly, hardware-assisted security, manageability, and productivity using Intel vPro.Intel is spreading the Skylake love quite wide, with plans for tablets and a recent gaming announcement.Intel isn’t giving details quite yet of just what flavour of Xeon is going into the E3-1500M family, and Xeons will run all the way up to 18 cores, but given that the recently announced Core i7-6700K kicks out 95W of heat we can’t expect anything quite as toasty in laptops. Review You only have to own a mini PC for a short while to understand the attraction. Minimal footprint, easy to handle and with any luck, a useful selection of interfacing options. Go for the latest fifth generation Intel chips and you can have sufficient grunt to tackle even the most arduous of desktops tasks.Time was when Apple’s Mac Mini would have people cooing over its size but these days, due in no small part to the disappearance of optical drives, as well as more efficient chipsets, anyone can have a crack at the diminutive computing.

Indeed, Intel has made a virtue of it with its NUC (Next Unit of Computing) small form factor PC, the latest fully loaded model we reviewed recently.Intel’s offering isn’t the cheapest you can find even though it can be bought as a barebones machine. The Acer Revo One, that we’ve also put through its paces recently, has a lot going for it too, featuring storage dual-bays and a remote control and Celeron or fifth gen Core i3 and i5 versions.The Asus VivoMini is yet another choice in the mini PC marketplace that kicks off with an Intel Celeron CPU (same chip as the Acer) or fourth gen Core i3 and Core i5 alternatives.On test here is the VivoMini UN42, which, apart from the barebones version at £125, is the cheapest model in this Asus range costing around £200. Kitted out with an Intel dual-core 1.4GHz Celeron 2957U processor, integrated Intel HD Graphics, 2GB of DDR3L RAM and a paltry 32GB SSD, this set-up will chug along nicely if you don’t punish it too much… or save large files to the SSD.

Put it this way, if you’re doing everyday tasks such as web browsing, YouTube or iPlayer viewing and routine MS Office tasks, then you’ll not find anything to complain about. However, if you fancy transcoding some video, be prepared for a wait.With just a power button and activity light on the front, the left side houses two USB 3.0 ports that support battery charging which explains why the mouse was still glowing when the unit had been shut down. There’s an SD card slot here too and around the back a mic/headphone combo audio jack socket, Gigabit Ethernet, two more USB 3.0 ports, plus full size DisplayPort++ (dual mode) and HDMI connectors.The latter two enable up to three monitors to be connected for an extended desktop or cloned displays if DisplayPort monitors are daisy-chained. The UN42 also features Bluetooth 4.0 and the Wi-Fi supports 802.11ac.At just 131 x 131 x 42mm, it’s smaller than most takeaway portions and notches up a mere 0.6-litre volume, which is just over a pint. The Asus spec reckons it weighs 1kg, putting in brackets 1.32lbs, which anyone with a bag of sugar at home can tell you, 1kg = 2.2lbs. Whatever it works out as, it’s certainly not a burden to carry.

Napsat komentář