Question about Random-access memory (RAM)

[d159159]

Hi guys

if I make custom made ram or attached some hack chip in the ram can I prevent programs from execute any code I want using only this chip
for example if a software want to print something in the screen or access the internet can I prevent or block him from
sending this code to the CPU .

the other question is can I send any instructions to the CPU through this chip or I have to send through software in the device.

[redskull]

There are far easier ways to write exploits than soldering together custom hardware  ::)

[dedndave]

Red's being nice - lol

as far as PC's go, RAM is RAM, pretty much (video RAM is seperate, though)
all system memory is accessed via the CPU
well, there is a hardware thing called DMA that allows fast transfers of large blocks

what's really missing in your "theory" is the operating system
any code that executes will pretty much have to go through the OS, in one way or another

you have a lot of reading to do to get to the place you want to be, i think

[K_F]

Looks like a bot...
But just in case it's not.... excuse me for a moment..




Now go and do something else, as you do not have the hardware technical savvy (and probably never will) to even start this type of thing.
PC's are not Playstations !

Official statement:
This response is based on the questions above and is no way intended to harm any animals .. or organics

[d159159]

Sorry for my bad English.

I think I am been misunderstood. I am a software developer with little in hardware. I always have this problem of securing critical information but even the hackers can get them. all i can do is complicate the process for them.
so i am just thinking about an idea. a secure RAM that can prevent malware from copying critical information.
any software have critical information just marking it as secure information and the chip in the RAM prevent any software from reading it except the program who marked it also prevent any code injection by identifying any code injection instruction in the RAM

Official statement:
I am asking for knowledge I am not gonna  manufacturing RAMs in my room using my printer. :icon_eek:

[FORTRANS]

Hi,

   The basic answer is no.  RAM is not secure by itself.  If you
want to prevent reading information from RAM you have (mostly)
two choices, encryption or physical separation (think of an an
on/off switch).  The operating system can provide some protection,
but it can not be perfect.

   What you are talking about is moving the encryption or access rights
from software into hardware.

HTH,

Steve N.

[hutch--]

There used to be a hardware device called an "In circuit emulator" that used to be used to debug software but I doubt you will find anything that works on recent Windows versions. What you need is done at the driver level and it is specific to every OS version. Software is your only option and things like a firewall will do some of what you have in mind but the hardware approach would be beyond a private individual, even if they had extensive facilities available.

[rrr314159]

Hi d159159,

What you are talking about is moving the encryption or access rights from software into hardware.

- That could be done. Of course it would have to be a new product, existing RAM doesn't do that. A chip manufacturer could make RAM - think of it as a flash drive - when first accessed it would accept a code of some sort and burn it in. Afterwards if that code was not presented on the bus before a read request it would return 0 or some error code. Of course it would make it slower. On the face of it, it would require OS support, but perhaps there are ways around that.

I think, d159159 is not talking about an existing product, or making it himself - that would be pie-in-the-sky. But such a product could be manufactured by Intel, Qualcomm or whoever. Might be a good idea

[K_F]

OK.. it'll have to consist of a plugin dram like normal memory.. that will have to be made by somebody.
Is there a market for this in the fast moving technology market... most probably not and thus would be very expensive to manufacture for a few.
3-6 months to design, 6+ months for the driver software... then countless updates and corrections.

Remember there have been countless hardware security devices (dongles, USB thingies ..ect) all have been cracked, some even before they're released, or soon after.
As mentioned a software encryption route would probably be the best route, as this is easily updated wrt to hardware.
:)

[d159159]

Thank's rrr314159 finally someone understand me.
I don't talk about existing product, I am talking about a new product that some big tech company can do. I just talking about the basic idea. anyway I just read some articles about some product but they use code trick and technology some CPU company provide like Trusted Execution Technology from Intel and Trusted Platform Module (TPM) chips but they also can be cracked with some extra work. I knew my idea also can be cracked, but the attacker have to get physical access to the device.

[redskull]

CPU's fetch their instructions from RAM, so of course anything that sits inbetween the RAM and the CPU can alter what, if anything, the CPU will see.  Products like this exist, and my generation of assembly language programmers (should) have fond memories of them (https://en.wikipedia.org/wiki/Game_Genie).

The problem 'you' would face is knowing what a particular instruction is going to do.  Programs don't access the internet, they send data out of the NIC via memory mapped I/O, so your dongle would have to somehow predict the postconditions of any given instruction; if a value is being moved to a memory location, is that the I/O space of the NIC?  If so, what behavior will that value make the NIC perform?  And, of course, the MOV might be indirect, so now besides having to know the specifics of every NIC from every vendor, you must keep shadow registers of everything; that means actually executing all instructions locally on your dongle, so you now have an entire separate CPU in the mix just to mirror the "real" CPU's state so you can take the right action.  And, of course, you need physical access to the machine, and if you have that, you might as well just unplug the hard drive and replace it with something that runs the code you want.  Or for that matter just unplug the power and be on your way.

-r

[d159159]

Thank's redskull.

I knew my access internet example is bad but I well work with it.
you knew that software don't get access to the internet by send data out of the NIC via memory mapped I/O either, they call some OS API's who call Some NIC driver API's who send data. So as you said I set between the CPU and the RAM so I just monitor every instruction going to memory and any program I don't like send an API call to get access and i can predict it easily because he can't play any tricks with an API call then I can block his instruction's from execute.

I knew the process well become slow but it is an idea.

And this idea is targeted to secure information that been execute.
So any code try to get access to this information and he is not authorized I just block him.