View Single Post
  #4  
Old June 8th 18, 03:27 PM posted to alt.comp.hardware.pc-homebuilt
[email protected]
external usenet poster
 
Posts: 533
Default Time Slice Visualizer to Detect Firmware Spyware using CPU.

Some further observations, the program was written in 2012 so had to think/figure out how it worked exactly !

The program will always try to consume maximum processing power for it's single thread/core.

It's processing power is "smeared" over the pixels available. If there are many pixels available and only little processing power than all pixels will turn red or black. Black = no processing power available, red = exactly 1 pixel processing power available.

So for example maximizing the screen may show all red pixels depending on how fast your computer is.

Reducing the screen size has no effect on cpu consumption. Instead the same pixel will be filled multiple times, indicated by green color. (fill count 1 = green)

So this app can easily consume near 100% cpu power by running it twice for my purchased dual core AMD X2 3800+ processor.

Green/Red is a nice helper to give some idea of how much processing power your core has.. also the re-sizing is for convenience as well to keep it smaller if necessary.

The re-sizing may fail/might be bugged/locked, in that case try clicking stop... then re-size and click start again... this should make it work again.

So just liked to point out there is no way for now to make it consume less cpu processing power... for now it makes no sense to do so... cause all cpu processing power must be consumed to have any chance of detecting "stolen" cpu processing power

However perhaps there might be a way in the future to detect "stolen cpu processing power" easier without consuming so much processing power.

One idea which pops into my head is:

1. Relinquish control of the cpu. In other words, give up the time slice for the thread... but do "mark" where it was supposed to "run/start". And perhaps also mark where it was suppose to "stop". If all app instances do this then basically all cpu processing power would have been theirs. Now once the thread is run again it can figure out if there are gaps between where it should have been and where it actually is... this may be hard to do accurate or perhaps not... not sure about this... but could be worth a try to figure this out. For example a time slice run could be done to see how many pixels per time slice it can process. Then this can be used as some length indicator of where it should have been after it was given control again off the cpu.

The idea is that if no other threads are running, then the thread should regain control every 10 milliseconds.

For example sleep(0) or event signalling can be used to re-gain control this way..

So idea is basically:

1. Thread runs.
2. Thread measures time/start point.
3. Thread goes to sleep.
4. Thread is re-awakened by OS because nothing else is running.
5. Thread notes end point, computes where end point should have been, any gaps are suspicious. All is visualized including the gaps.
6. Thus gaps can be drawn as well and could be suspicious.

However if such an app is reliable remains to be seen.

For now the current max cpu processing power consuming app is quite nice ! =D

Bye,
Skybuck.