Can some software physically damage hardware?

I know a question similar to this one has been asked before however it was about installing a 32bit OS on a 64bit laptop. My question is more about damaging the hardware.

I was wondering if there was a way of interfacing with hardware from the OS or Terminal layer in a way to damage it beyond repair (actual physical damage, not just faulty hardware).

• Could you bypass security measures and run a CPU so hard that the ceramic actually breaks?
• Could you write or interface with a HDD in a way that would cause physical damage to the platters?
• Could you mess around with memory and fry RAM?
• Can you blow a NIC?

I'm interesting in knowing the limit to which the software can reach when looking at a system as a whole.

When actually running programs, the load on the CPU can cause the core temperature to rise. While newer technologies have some effect (dynamic frequency & voltage scaling), this is still mostly because certain instructions use different electrical pathways in the microprocessor (as opposed to when the processor is simply in an idle or low power state). There have been various power viruses written in the past, which take advantage of this fact to repeatedly execute specific machine code which draws the most power, and thus produces the most heat (see the question Can a virus melt the CPU? for details).

While you could also extend this idea to other hardware in the system (which I'll cover below), another interesting one is storage devices. You could also write a virus to constantly read-write files to a drive, which will wear it out a lot faster (both mechanical hard drives and solid state drives). You will increase the likelihood of mechanical failure in a HDD, and decrease the drive longevity of a SSD. If the user is unaware of these constant read-write cycles, you can most likely damage their disks within a week or so if you implemented this properly.

Also, some Apple laptops have a microcontroller embedded in the battery. Nothing special, but in the past they released a patch that upgrades the firmware - and in turn, now the batteries themselves are susceptible to firmware hacks.

Now, back to the heat damage. Some new motherboards include the option to modify BIOS settings under Windows. You could theoretically write a virus that would increase the voltages in the system to artificially high limits, potentially damaging the components (RAM, CPU, north/southbridges). Raising the voltage and/or overclocking the PCIe bus could also damage some of those components.

One component in particular on a PCIe/AGP bus I would like to address is the video card. This is because most manufacturers provide overclocking tools to raise it's core speed and voltage. Taking that one step even further, you could also write a virus to use these tools to raise both of these things to dangerous levels, so you could either burn it up, overvolt it until it degrades, or both!

Do note that most computer hardware has overheating protection, and will reach "thermal shutdown" before any damage occurs. As for overvoltage protection, it's possible but far less common.

The point: It's possible to write viruses that take advantage of any computer system. If the target system has no access to external (or even its own) hardware, however, there's not too much damage you can do. The best analogy here would be like trying to hack someone who pulled their Ethernet cable out of the wall - you literally have no way access to that system.

That being said, most devices in our modern computer systems do have access to modify physical hardware parameters - namely, voltage and core speed. Since these things can be modified, it is possible for viruses to take advantage and possibly disrupt or destroy their operation altogether.

There was always that warning that some older CRT monitors, if given a video signal beyond the frequencies they could handle, might suffer damage. I don't know which ones but it was a common disclaimer given when you were adjusting refresh rates or manual resolution settings.

Basically unless a system doesn't have proper cooling or a proper power supply installed, you can't break a CPU by working it too hard. The cooling and power it is installed with should sustain it at 100% usage.

However all modern CPUs all microcode updates. Intel has always required their microcode to be encrypted, but AMD has not (don't know if that's changed). Might be possible to upload a microcode to a CPU that does something nasty.

Flash memory can be worn out with repeated writes. It's likely possible to "burn out" a BIOS flash chip with this method.

I'm sure hard drive manufacturers design their devices with hardware interlocks and no capability to adjust motor speed, since really the HDD motor just spins at a constant speed. However, spinning up and spinning down a HDD causes it stress and premature wear, which can be done in software. Also, it's likely possible to "burn out" a hard drive's firmware flash/EEPROM with repeated bogus updates or hacked firmware that repeatedly writes to internally accessible flash or EEPROM. Similarly for CD-ROM drives.

It's possible to disable fans by software but many modern CPUs will automatically shut down when a too-high temperature is reached. Older CPUs did not have this protection but such motherboards also didn't have fan control.

Your power supply, if it explodes, won't do quite the same damage as the one in Die Hard. Sorry to disappoint.

An engaging article highlighting a variant of software causes hardware damage recently appeared in Wired regarding the Stuxnet virus. Software causing command and control software to physically damage nuclear centrifuges. It's just kind of amazing.

Historically, there have been a few cases where hardware design flaws have made it possible to directly and immediately damage a machine. In one case, a single-line instruction could cause a computer to short-circuit and catch fire, IIRC. But the cases I heard of were on old 8 bit micros.

Apparently, the term is "Killer Poke", but I just turned that up in a quick Google.

I wouldn't be surprised if these things can happen in embedded systems with buggy drivers for hardware, but it should be difficult to achieve on the most common hardware platforms - firstly because direct access to hardware is controlled, and secondly because these problems should be unusual and very specific to exact hardware platforms anyway. For example, a blow-up-your-graphics-card poke will probably only work for a specific graphics card.

See - http://en.wikipedia.org/wiki/Killer_poke

EDIT - I haven't been able to find any references to 8-bit micros short-circuiting and catching fire from a killer poke - maybe this was just an urban myth I picked up along the way somewhere. But the notes about HCG (Halt and Catch Fire) CPU instructions ( http://en.wikipedia.org/wiki/Halt_and_Catch_Fire ) are fun... The Motorola 6809 processor was used in the Dragon 32, IIRC, so maybe that's what I dimly remember.

Aside from overstressing the hardware, there are firmware viruses, which could wreck hardware not by physically damaging it, but simply by making it inoperable (which might as well be "physical," since the hardware can no longer be used in any system).