Hardware Autopsy
presence while gaining complete access to a
machine. Once free to muck around, viruses
can modify the kernel and process list to
stay hidden even if a user asks which pro-
grams are running. And boot-record viruses
in the spirit of Elk Cloner are once again
becoming popular because they can be dif-
fi cult to detect and purge.
Security researchers and less-predatory
hackers have also become a part of this
monetized culture. Maintaining a “white hat,”
or ethical, approach, they root out vulner-
abilities in code and then follow established
disclosure practices to inform companies
about security fl aws in their products before
going public with the information. Some
software developers even pay bounties for
such tips.
BREAKING IN
Sometimes, computer owners make the
hacker’s job entirely too easy. “The main
security issues today are not so much tech-
nical as they are social,” notes Symantec’s
Ramzan. “Hackers often just ring the door-
bell and ask to be invited in. Although there
are ways to compromise a system by fi nd-
ing a technical hole, the most common way
hackers try to compromise systems is by
fi nding the human hole, by emailing you an
attachment with malicious code and telling
you to execute it by yourself.” These initial
bits of code often work as a stage down-
loader, with the main objective being to clear
a path for the malicious bytes to follow.
Sloppy programming, on the other
hand, creates opportunities for viruses to
infect a system without a user’s help. The
buffer-overfl ow attack is one of the most
common exploits. The virus designer, for
example, might identify a point at which
the software expects user input. Instead of
entering a normal amount of data, the virus
fl oods the query, overwhelming the program.
Executable code hidden within this tsunami
of data gains control of the host machine
and overrides the program, tricking the com-
puter into running a new set of instructions.
“Code itself is a type of data,” Ramzan
explains. “It’s basically data that can be
executed on a machine. Sometimes that
distinction is not actually made at a very low
technical level, and that’s what often causes
these vulnerabilities to occur. At the end of
the day, they’re all just bits, and your com-
puter has to know which one’s which.”
Fortunately, it’s easy to protect your PC
from viruses and cyber criminals. Install an
antivirus program, perform periodic scans,
and don’t do anything that would make it
easy for criminals and mischief-makers to
take advantage of you.
Vudu HD Movie Box
Based on its performance and price point (which has dropped from $400 to $300), we
predicted we’d find a laptop motherboard with a low-power CPU and perhaps either an
inexpensive GPU or integrated graphics when we peeled open this high-definition movie
box. Man, were we off base.Any requests? What hardware—new or old—would you like to see go under
Maximum PC’s autopsy knife? Email your suggestions to [email protected].http://www.maximumpc.com | MAY 08 | MAXIMUMPC 71
BROADCOM CHIP The Vudu is nearly a single-chip computer, with this Broadcom BCM7401 high-
definition set-top box processor performing nearly every function. This one part decodes MPEG-4
video and Dolby Digital Plus audio and performs digital noise reduction. It also drives the Vudu’s 2D
graphical user interface and the HDCP-protected HDMI interface, controls the Vudu’s SATA hard
drive, decrypts copy protection, receives and processes commands from the RF remote control, inter-
faces with a smart card, and serves as a 10/100Mb Fast Ethernet controller.HITACHI HARD DRIVE The Vudu stores its downloaded movies on this 250GB Hitachi
CinemaStar 7K500 hard drive. The CinemaStar is optimized for digital video applications, so it trades
some error correction capabilities (which aren’t as crucial for streaming as they are for other types
of data storage) in favor of reduced power consumption (which leads to lower thermals) and quiet
operation.MEMORY
The Vudu box
doesn’t need
much in terms
of memory—its
operating system
and everything
else fits within
these four pieces
of DDR/400
SDRAM.of data storage) in favor of reduced power consumption (which leads to lower thermals) and quiet
operation.MEMORY
The Vudu box
doesn’t need
much in terms
of memory—its
operating system
and everything
else fits within
these four pieces
of DDR/400
SDRAM.SILICON
STORAGE
TECHNOLOGY
CHIP The only
other crucial
component
on the Vudu’s
motherboard is
its CMOS flash
memory; this is
where the box’s
bootstrap code
resides.