Security Now 241

From The Official TWiT Wiki
Jump to: navigation, search
Security Now
Episode 241

Security Now 241: Hardware Interrupts

News & Errata

03:48 - 09:09

  • Firefox v3.6 broke Katmouse compatibility
  • Firefox v3.6.2 fixed Katmouse compatibility along with some security bugs - scrolling with Katmouse BUG 540510 fixed "Scrolling messages forwarded back from a plugin are dropped instead of processed."

09:10 - 14:53

14:54 - 16:34

  • Russia to require some proof of identity before registering a (.RU) domain

16:35 - 18:25

  • The University of Chicago determined that more than 75% of domains have invalid registration information

18:26 - 20:27

  • China now requires a face-to-face meeting and takes a photograph of any citizen wishing to register a domain
  • China is considering forcing its citizens to register there real name and other details with a website before using online message boards

20:28 - 37:15

  • Time to Rethink the whole thing? Endless software flaws, and endless patching, is so wrong. [1]

Spinrite Story

37:16 - 40:27 Nate Woods (Unknown)

A listener couldn't run boot and nuke on a drive as it had bad sectors, so he fixed them with Spinrite and then ran Boot and Nuke

Hardware Interrupts

42:25 - 50:00

  • Recap of previous parts in the series
  • Program Counter
  • Instruction Word
  • Direct Access (points to target)
  • Indirection - Indirect Access (contents points to target)
  • Multiple Registers (instruction word bits to specify)
  • The Stack The "Stack" is a temporary scratchpad supporting Reentrancy & Recursion.
  • The "Stack" is a "sequence-oriented" storage facility.

50:01 - 54:33

  • We want computers to be able to interact with other peripheral devices
  • But to do this they need a way of pacing how quickly we send and receive data from the external device
  • E.g a keyboard, somehow the computer needs to know when we press a key and then to read the value of the key we pressed and accept it, store it somewhere, and then somehow be notified when we press another key
  • Well, the original computers did this in a very awkward way, but it was all that they really had. There was an instruction, part of the input/output instructions, which would allow them to sense the readiness of a device to receive data or the availability of data from a device.
  • It would execute an instruction which would allow it to sense whether new data was available. And, if so, it would branch in the program to a series of instructions that would read the data and then reset that little sensor
  • So essentially, the computer would loop, like in a tight little loop, just reading the status, checking to see if that status said there was new data available, and if not it would go back and read it again.
  • The problem is, the computer is completely occupied while that's happening.
  • While it's reading data, waiting for us to press keys one after the other, it can't get anything else done because it's spending all of its time sitting there just waiting for data to become available.

54:34 - 01:05:50

  • So a better way was created called 'Hardware Interrupts'
  • What hardware interrupts allow is an electrical signal of some sort, an electrical signal representing some sort of physical event, like a key being pressed on the keyboard, to interrupt at any time the normal flow of instructions.
  • Before a program gets busy doing whatever it's going to do, it sets things up so that hardware event that occurs can interrupt it anywhere it is, literally in between instructions.
  • So what the hardware in the computer does is, as it's stepping its program counter, word by word, through memory, reading each instruction in turn and doing that, some additional logic is added to the hardware which, just as it finished executing an instruction, there's a hardware check to see if the interrupt signal is active.
  • If not, it just proceeds as it normally would have to read the next instruction in turn and execute that.
  • If the hardware interrupt is active, it suspends, essentially doesn't execute the next instruction it would have in sequence instead it runs the interrupt service routine that has been specifically written to deal with this interrupt
  • The problem is now you need to get back to where you were before the interrupt occurred
  • This is where the stack comes in, the location you need to return to and the values of the registers is pushed to the stack.
  • Then when the computer has finished dealing with the interrupt they are popped back of and the computer is in the same state as before

01:05:51 - 01:13:00

  • Now, what happened as we moved forward in architectures is things naturally got more complicated.
  • It was recognized, for example, that there were some peripherals that were high-speed, like a tape drive or a disk drive, which were generating data or requiring data at a much greater rate than, for example, a teletype or a keyboard.
  • And so the notion of priorities of interrupt priority came into being
  • Where an interrupt would be serviced only if the new interrupt coming in was a higher priority than the interrupt that we were in the middle of working on.
  • A program that is running has no idea that an interrupt has just been serviced

01:13:01 - 01:19:53

  • Windows hands programs tokens with a number representing an event
  • This is called the event loop or the message loop
  • When a program freezes it could be because:
  • The program receives a message from Windows to tell it to start doing a task that takes a while
  • Whilst its doing this task Windows then tries to give it another message to say move the window location but as it is busy it doesn't get it until its done with its task
  • So it appears to the user that the program has froze
  • The way to avoid this is to write applications with multiple threads



  • Offer Code: securitynow
  • Ad Times: 0:40-0:56 and 40:23-42:21

Production Information

  • Edited by: Tony
  • Notes: Edited out reconnection with Steve and redo of Carbonite ad.
Info.png This area is for use by TWiT staff only. Please do not add or edit any content within this section.