Slashdot Mirror
Counterfeit Chips Raise New Terror, Hacking Fears
mattnyc99 writes "We've seen overtures by computer manufacturers to build in chip security before, but now Popular Mechanics takes a long look at growing worries over counterfeit chips, from the military and FAA to the Department of Energy and top universities. While there's still never been a fake-chip sabotage or info hack on America by foreign countries or rogue groups, this article suggests just how easy it would be for chips embedded with time-release cripple coding to steal data or bring down a critical network - and how that's got Homeland shaking in its boots (but not Bruce Schneier). While PopMech has an accompanying story on the possible end of cheap gadget manufacturing in China as inflation rates soar there, it's the global hardware business in general that has DoD officials freaking out over chips."
EVERYTHING is now a "terror threat".
Do you suppose someone figured out that "terror" is a funding goldmine? That the way to ride this gravy-train was to pump up the volume on the "terror" megaphone?
It's pretty funny - 'til the unintended consequences land you "in internal exile", or "extraordinary rendition".
"Flyin' in just a sweet place,
Never been known to fail..."
A construction worker was killed while torguing such a bolt while building the Saturn car factory. The head tore off and he fell to his death.
In the same article where I read this, a general complained that you could find broken bolts littering the ground in the path of tanks on training maneuvers.
There is a way to test bolts for strength, but it's expensive.
Request your free CD of my piano music.
...for this, after all.
The focus of comments through the article was that very few people had actually come across counterfeit chips, and the financial repercussions were limited. This shifts the focus to security, which does raise different questions
The Mothership
Well, that's globalization for ya!
That's not Wise... they're Lays!
This was only the beginning. Cant wait until next holiday season.
I didn't read TFA but is it suggesting that a highly advanced technology could be 'easily' counterfeited and delievered to US facilities? Assuming it would take another highly advanced country to do this... Doesn't this really mean war, not terror? If we find out a sovereign nation is attacking us through this channel I would call it war -- even if that means they are knowningly supplying terrorists with the chips instead of directly doing it themselves.
The US DoD depending on the global hardware business is the scariest implication to me.
And one more thing.. this almost sounds like it could be a back door for even stronger DRM technology, embedded in hardware, in our personal computers in the future. SO, how far off base am I this time?
I do not respond to cowards. Especially anonymous ones.
Every time I see an article talking about the impending terrorist plots to use high-tech means of warfare, I just say to myself, "box cutters".
Does waterboarding these 'terror chips' work as well as water cooling?
Indeed... the "War on Terror" is nothing more than various groups of people trying use terror to "hack our fears". The terrorists try to hack our fears to gain power over us, and the governments fighting them do the same.
I don't care if it's 90,000 hectares. That lake was not my doing.
What exactly is "Terror Fear"?
Fear of extreme fear?
You get what you pay for.
If you don't want counterfeit parts, pay for the appropriate controls and enforce them. The government has been trying to build government-class security and reliability on COTS technology for far too long.
If that means domestic production, so be it.
#!
While there's still never been a fake-chip sabotage or info hack on America by foreign countries or rogue groups
One wonders whether the reverse is true, and if so, why other countries are not freaking out about it...
Maybe if these parts are so critical we should keep the manufacturing in the US?
"Hah hah!"
"Someone set us up the server!"
I was wondering why my new "Gatemay" computer had an "Inpel Inside!" sticker on it.
That we know of. There could be millions of rogue processors out there just waiting for a command to "turn on", or self-destruct. How would we ever know from the outside?
Wasn't there some question about Levono's laptops recently and their potential to secretly spy on its users at a hardware level? While not exactly the same, it is similar.
---- Booth was a patriot ----
Define Counterfeit
Isn't this hashing over the same deal where the "counterfeit" parts were really just unauthorized copies of a good board? How is it "Anti-Terrorism" to terrify the crap out of unsuspecting people with far-fetched hypotheticals?
Articles like: "The danger of installing foreign designed, foreign made black boxes in our infrastructure" just sounds obvious, and the answer is obvious too: make your own boxes.
These so-called but not-exactly-counterfeits are a problem caused by a lot of short-sighted business fads. Aggressive offshoring of design and manufacturing means that you are not in control of the product anymore. It also means that you killed off your local design and manufacturing, making it that much harder to solve the problem. If the "Counterfeit" uses full-spec parts, then are they really counterfeit? If they use crap parts, they will just break early, costing someone money. As far as a cyber-bot-net conspiracy, there are more realistic problems to worry about.
Doesn't the NSA make their chips domestically?
Hardware is cheap, and there are always more than one way to skin a cat.
Just do the same algorithm on different hardware architenctures and at least one different virtual machine implementations. (Use a minimum of three implementations!) Take the answer that two agree on and forward that on to the next step in the pipeline. It would be difficult if not impossible to produce a counterfeit chip that could produce undetectable deviations in both software and hardware machines.
"Never set sail with only two compasses - use one or three."
Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
Clearly, this is the agenda of the piece. PopMech has been a fan press for the US arm industry since its inception "Look! A dive-bomber that will send Tojo to his divine reward!".
They have seeded stories from Military and "Intelligence" sources for years.
"Flyin' in just a sweet place,
Never been known to fail..."
the impetus for adding restrictions and obfuscations is most certainly NOT security in the DoD sense. methinks interested parties are trying to juxtapose priacy/DRM interests with security/terrorism concerns. there is no really good argument for increased in-silicon DRM as a means to end-to-end security except for the economic security of intellectuals and their property. the troubling aspect to any attempt at subverting counterfeit designs is that it encourages mechanism to obfuscate a digital design and decreases your freedom to know exactly what is happening to those electrons. such measures invariably decrease the overall security and reliability of the system by adding more complexity. an easily counterfeit-able design is also easy to verify. the converse is also true. truly safe systems must incorporate redundant standardized parts from multiple vendors to eliminate the effectiveness of malevolently embedded flaws.
Well, wont that just suck.
Cheaper chinese goods that are flooding in help keep prices down overall.
---- Booth was a patriot ----
I think it's healty for other manufactures to make rippled potato chips other than ruffles.
Isn't this what the CIA did to the USSR? They purposely sold the Soviets Counterfeit CPUs and other technology so their economy would be based on faulty technology.
In fact, it culminated in the mid 80's when a brand new pipeline was turned on with turbines taken from America via a Canadian intermediary. The turbines purposely malfunctioned and the resulting blast was about 1/4 the size of Hiroshima. Taking out such an important oil pipeline made a non-trivial dent in the Soviet economy.
Look up the "Farewell Dossier".
What is old is new again.
Didn't the US government do exactly this sort of thing to someone else? I think it was a country in the Middle East, and it involved HP printers, IIRC.
In the traditional sense?
If the US government (by extension, the wealthy, the connected, the power brokers, then the consumers/prosumers) want cheap goods, then they will be made in China or elsewhere. If the US wants security to not be threatened by counterfeit goods (bads) then it OUGHT to SHUT UP and bite the bullet and manufacture ALL infrastructure-threat-capable electronics domestically.
But, it can't. It can't because to do so would buck or contravene many conventions, trade acts, and agreements. If the US can't trust Asian producers, what makes it think it's safe trusting European producers? Only irrational comfort in color-based similarity and common heritage is probably all there is.
So, the next best thing is for governments to stop dicking around and posturing as soft-enemies. If China never has to fear the US, then national or entrepreneurial counterfeits orders might not be a real problem. If the US stops trying to f*sking trying to be NUMERO UNO/Master-of-the-Universe, other nations might feel less threatened. If the US is less feared, sure, some will still try to exploit it, but that is best done economically, which is already the case: multiple hands from multiple nations and places from Dubai to Israel, to UK to Tokyo to Beijing, to Venezuela (oil, cheap oil) will have some tug and push on the US. Small, but definitely felt.
All this just reminds me of the post by a sysadmin about 2 weeks ago who said as long as the counterfeits work until he's got his ROI, or as long as they don't crash or trash his network and as long as the only difference is in the serial numbers, then he doesn't care, because he saved money. Well, how can HE ever know his company's chips are not trojan chips? He's not likely to have Cisco come do an audit on the chip code or substrates or pins. He'd get fire if it's shown he knew and did nothing. Well, MAYBE he'd be fired.
i wouldn't be surprised if 45% of US infrastructure and maybe the same of the EU and even Japan has been "infiltrated" (used not in the "evil" sense, but in the penetration sense) by counterfeit chips. I wouldn't be surprised to learn that prior to off-shoring chip plants to China that the US was sending "counterfeit" or infiltration chips to other nations. These companies probably did it at the bidding of the US government, under black ops national security project, which we'll never be able to prove nor disprove, given the secret accounting and multitudes of project names and cover names.
So, in all, this is "touche", or Karma (good or bad) at work or in play.
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
The easy way to attack remote systems at the hardware level would be to preload a back-door key into Active Management Technology. All the hardware is already there to remote control the computer, without any help from the operating system. By default, this feature is supposed to be disabled. But a minor firmware change, initializing the AMT unit with a second hidden key instead of leaving it disabled, would make it possible to take over any corrupted machine from a level below the OS.
AMT is the latest form of this, but there's also ASF (AMD's version), and RCMP (works over UDP, while AMT is a web service).
This is tough to detect, short of cutting open the network controller chip and tracing the wiring with a scanning electron microscope. That's quite possible and tools for it exist, but it's not cheap.
How about "Back-dooring"... Introducing Her Hingelader... The hind-loading info-sucking chip...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
I wanted to mod this up (funny), but I decided to comment instead...
:-)
My brother has a Shrap calculator. (Yes, S-H-R-A-P, not Sharp). The lettering looks exactly like the lettering used by Sharp during that time period (1980s). He keeps it for the humor value.
"From Shrap minds come shrap products..."
This kind of thing really does happen.
http://www.npr.org/templates/story/story.php?storyId=88031211&ft=1&f=1001
There is a "Listen Now" link, too.
But, here's a chunk:
"Army Maj. Reid Sawyer, of West Point's Combating Terrorism Center, says that is now changing -- and that al-Qaida's central leadership, securely based in Pakistan, is once again taking charge.
"What we have been observing is al-Qaida's attempt to re-assert control throughout their disparate networks, with al-Qaida in the Arabian Peninsula, in the Horn of Africa, to provide guidance and mentoring, if you will, as well as some funding to these organizations," Sawyer said.
"And so the organization has coalesced again, because of its ability to have sanctuary. And that's really given it such a benefit that can't be overstated."
Michael Scheuer, a top al-Qaida specialist at the CIA until 2004, goes even further in his assessment.
"I think al-Qaida as an organization was never seriously damaged," Scheuer said. "What we're seeing is, it has a new base. It is fairly comfortable where it sits at the moment. And it is able to go back to doing the things it did since 1988."
But the world has changed since 1988 -- and so has al-Qaida.
The group is now on the Internet, and it even has its own media company, producing videos for radical Islamist Web sites.
With these new tools, the Internet makes it possible for al-Qaida to promote its vision of jihad or holy war and solicit recruits throughout the Muslim world.
Sawyer says the Internet even provides a training mechanism, taking the burden off al-Qaida bases in Pakistan.
"What the Internet has really created for al-Qaida and its affiliated groups is a virtual sanctuary,... "
Like Adama told Tyrol about Galactica Valerii: "You'll see her again, Chief.... There are many copies."
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Rather than wail and moan about supposedly fake chips, what the manufacturers should do is put on-line the database of valid serial numbers and their specs and history and let end users have access to this information and even add to the database (if they so choose) their ownership of a serial number. This would have several benefits: Fake chips would have a problem of not having a large pool of valid serial numbers (it would be easy enough to not have the database expose the entire list, and limit the number of chips that could be looked up by any IP in a short time) and if fake chips all used the same ID this could be quickly detected. Users could also confirm that the specs for the chip they bought were the specs the manufacturer intended, preventing the practice or remarking chips for higher clock frequencies. A user who desired it could have a lot of confidence that is chip was not counterfeit just by checking into the database and learning what the manufacturer knew about his chip. Chips with serious bugs that were recalled would be detected easily without alarming users of unaffected chips. And this could even provide a service of letting one register their CPU serial number, if they wanted the computer to be able to be look up by law enforcement or others later in the case of theft. That this isn't already being done, yet the industry is acting like counterfeit chips are a big problem, seems to be telling me something is bogus about their claims of doom.
I'm an American. I love this country and the freedoms that we used to have.
All in all, at the very least, the US gov. should say no to companies that are moving their production to china. In fact, I think that if the production does not come from certain countries, then it should not be bought. Basically, we are allowing our far too many of our items to go to countries who WILL be after the west. The feds could just buy from Places like EU, Japan, Canada, Israel, and even Mexico and not worry too much.
I prefer the "u" in honour as it seems to be missing these days.
This kind of illicit technology is usually (not always) about making a buck. It's cheaper to exploit software than physical chips.
Fix the world's software and then those industrious rogues might decide the expense and lengthy process of counterfitting physical chips is worthwhile compared to a quick piece of spyware.
There, fixed that for you.
In the early 1980's, the US produced intermittently buggy chips which we sold to the USSR in full knowledge that they'd disrupt production facilities. It worked very well. Why, then, wouldn't China do the same thing?
As someone who works in chip verification, I can tell you it's very difficult with most chips to do this, as long as the chips are designed in the US -- which is still largely the case, that they're designed here and produced in fabs in China (because labor's cheap and they don't care if their workers are exposed to HF and silane as long as money's coming in.)
You know *exactly* what size your chip die is. If the silicon comes back from the fab with a different-sized die, it will be very obvious. So nobody can put extra stuff onto an existing die. Die size is the single most critical aspect of most designs, because of the cost, so existing designs are jammed just as tightly as they can possibly be. You can't put more functionality into an existing die size. The problem, then, is letting your design out. (And even then, a competent chip designer could probably spot strange material on a smaller die because they're familiar with how the layout is supposed to look.)
There are some amazing military-grade chips out there. I was reading about the Maxim DS3600 the other day -- on-chip encryption and tamper-sensing, including detecting temperature changes and reacting by blanking all the on-board memory and stored encryption keys in nanoseconds, far faster than dumping liquid helium onto the chip would be able to freeze the memory for decoding. (They use some whack process for continually load-levelling and rewriting the keys so you can't use stored oxide charge to read what was there before it got blanked, either.) That kind of stuff is on the common market, available for anyone to buy. I assume the military has better stuff yet, and espionage people even better.
At the end of the day you have to be able to trust someone or you'll just crouch in your basement. But there are ways to verify a chip's functionality and look for clearly bogus interactions. Our chip test systems make it easy to distinguish chips from different silicon lots, much less from different fabs. As always, if you buy the cheap stuff you don't know what you're getting, but if you spend the money to do some research, you'll have a much, much better idea of what you're getting. In this case, money in the millions of dollars, granted, but if you're designing military-grade stuff, well, that's why you buy from companies with a track record of producing trustworthy stuff.
Nostalgia's not what it used to be.
Just think, a double whammy of a war.
Blar.
Just like Runaway!
Saying "you get what you pay for" is objectively true, but it ignores the point of the article....
No matter how much the DoD would like domestic chips, no matter how much they shell out, it just isn't going to happen. This shift in the market has been going on for decades, there is no way in hell you can stop it. More importantly, any efforts against it necessarily require political protectionism, which is as politically dead as buggy whips. Meanwhile, computer crime has skyrocketed in the last 5 years, and it has become extremely big business. Big enough that this kind of thing, embedding chips with spy ware, is starting to actually make sense.
I think most people recognize that the dependence of the US military on technology is problematic. At some point this will become a major vulnerability point for the US military in war. You don't have to go sci-fi and consider an EMP weapon; look no further than embedded chips, brought to you by the Russian mafia for the low-low price of a few tens of millions.
The bottom line is that you can't compete via protectionism, and if you can't compete in the market, the conventional wisdom is that you are sure to loose on the battlefield.
One can find genuine reason to be worried with the US military without ever worrying over a problem so clever as counterfeit chips. US DoD has routinely exhibited worrisome practices for years.
I work in the field of modeling & simulation supporting training and flight testing for the Army. Time and again when I've tried to find an ICD (interface control document) or spec on a low-level protocol for some box on an Apache Longbow in the end it discovered that the Government never bought said document from the manufacturer (McDonnell-Douglas, or now, Boeing). Each thing is simply an LRU (line-replaceable unit) black box whose innards are irrelevant -- the I/O is documented but when they fail the box goes back to the vendor for repair. And if you want the specs, call Boeing and they'll be happy to talk sales. US DoD acts this way in the name of "cutting costs" and the up-front bottom line probably is lower. For US companies, such as Boeing, this is no big deal since we're more or less all on the same team.
Now, flash forward -- DoD is increasingly awarding aircraft contracts to non-US companies. Take the recent US Army LUH (Light Utility Helicopter) that went to EADS North America (or the Airforce tanker contract that went likewise to EADS). This same cost-cutting "don't need this spec or that spec" mentality is still used. Now you have entire military aircraft being delivered with large-scale black boxes (easier to build than counterfeiting chips) which are potentially just as rogue. Who's to say there's no malicious firmware in there? No one seems to be looking or caring. Can anyone prove that any given system isn't poised to intentionally upon receipt of some pre-planned stimuli?
There's a lot more to worry about than "terrorists" -- mindless bureaucrats can be just as dangerous. The funny thing here is the opposition I've run into pushing for the adoption of Open Source tools. Despite a few agencies here and there employing Open Source with great success, a few memos of "endorsement," and a few official studies touting value, most DoD bureaucrats can't get past the "source is open to 'hackers' therefore must be a security threat" mentality.
Department of Dumbasses, your US tax dollars at work.
might find this off-topic. With the possibility that "Terrorists" may become relegated to the title of common criminals, there is the possibility they will be "laundered" into common gangs or mafias and gain access to legitimate businesses and therefore into manufacturing processes.
Criminals always evolve. Well, at least the smarter of them. To ignore this is simply burying ones head in the sand.
Marking this off-topic is akin to burying head in sand.
Get it?
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
That is exactly why I'm following the developments of open hardware efforts. I'm hoping they are quite successful. Then we can all know (vicariously maybe) what is in both the chips and the software without relying on MS or Intel to tell us it is all okay. Sure, that doesn't make **everything** safe, but it gets a lot closer.
Support NYCountryLawyer RIAA vs People
http://cm.bell-labs.com/who/ken/trust.html still holds true.
Comment removed based on user account deletion
That is nonsense. How do you know ahead of time the algorithm that is going to produce the desired result?
Chips are so complicated and difficult to test that it might take anywhere from 1 second to a million years or more for the intentional defect to show up even if you guessed the correct algorithm.
In case anyone wonders why this is not modded informative, it is because it is apparently the kind of sensationalist crap that is all to common these days. Chertoff's mother said that possibly they were distant cousins, and there is no evidence that anyone from Benjamin's family has ever met anyone from Michael's family.
Here is the wikipedia link.
It was considered a huge and serious problem. Quite possibly something has been done to solve it since then.
Request your free CD of my piano music.
There is little to no doubt at all though that he is a dual national with Israel as his first priority. The whole PNAC crew and their hired help are questionable on this matter.
We've seen plenty of this already with firmware. :-)
Setting up a fab, incorporating a trojan into the design, marketing the friggin product, and then seeing that it gets into the devices you want it to is MUCH more difficult than doing a little woojoo tango to help, say avian flu, hanta virus, or maybe dengue feel happy with endemic vectors. Hell, most any university lab has all the gear and no one watches those grad students, not even their advisors
Perhaps in the US. In China, execution is clearly a viable option for failure to enforce quality control measures.
smellsofbikes gave us a good description. End users don't have a whole lot of information to work with, though, and most of our critical systems are not military. So most individuals and companies rely on the reputation of the manufacturing and vendor chain.
In addition to size, an added chunk of evil circuitry is likely to detectably affect performance. The evil circuit has to connect to the normal circuit somehow, and it will add capacitance to the bus lines it connects to, or gate delays to the path it is inserted into. There is always some white space on a chip, and always some slow wires that can be tapped into, but Murphy's Law (which also applies to the bad guys) says these are not likely to be the exploitable ones.
Making runs of integrated circuits is expensive (mask sets cost millions of dollars), so counterfeiting chip designs typically only makes sense with run sizes in the millions. Failure analysis by the legitimate manufacturer is likely to detect the fraud, especially if the counterfeits are of lower quality. If you buy from reputable manufacturers and vendors (and you verify those reputations by praying to Saint Google), then you have some assurance that those companies are protecting their reputations (and profits) by looking for problems such as counterfeiting before their critics and competitors see them.
My SiidTech company ( http://www.siidtech.com/ ) licenses "ICID", a chip individualizing technology, to some semiconductor fabs for tracking their parts through production. For end user privacy protection, we mandate that the ID is inaccessible during normal operation, soldered into a board (enabling the ID with the RESET pin asserted is one way; most chips become nonfunctional during reset). Before final assembly, our manufacturer customers can use that ID to detect counterfeits. If an ID shows up that is not in the database, or appears too many times in the database, then the ICID cell was cloned or it was faked with a ROM. Not perfect detection, but it makes counterfeiting more expensive.
BTW, the main use of ICID is for quality control and failure analysis, and this involves logging measured characteristics of the individual chip in addition to its ID, so counterfeiting becomes even harder. One form of counterfeiting is to re-mark legitimate but low-grade parts as higher grade parts (like re-marking a 2.4GHz Pentium as a 2.8GHz Pentium - it will work, sorta, for a while). A combination of ID and characteristic logging is a good way to detect this.
The ICID could be designed to be available during normal operation, and this would enable consumers to query the manufacturer's website to find out whether the component is authentic. However, we can't think of a good way to keep the bad guys from using the ID to track the component (and the consumer) as well. The consumer gets privacy, but can't verify authenticity.
So consumers must rely on manufacturers for authenticity and quality, both designed in and monitored after the fact. Personally, I am a little more concerned about some unexpected interaction between new processes and the consumer environment. Perhaps we will learn that cigarette smoke dissolves the hafnium gate oxides in the new Penryn CPUs, how would Intel know in advance?
I am a LOT more concerned about inadequately verified function (some companies are too cheap to hire professionals like smellsofbikes), and the poorly tested software that runs on these systems. The bad guys don't need to inject expensive and potentially detectable vulnerabilities into the hardware when there are a multitude of system vulnerabilities already available.
Keith Lofstrom server-sky.com
1. Terror ...
2. Religion
3.
4. Profit!
I'm John McCain, and I approve this message.
"Don't let fools fool you. They are the clever ones."
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
Have they declared the War on Death yet?
Seriously, _THAT_ is what they are concerned about -- counterfeit chips. The most expensive, slow and convoluted way of causing security leaks THAT WOULD NOT EVEN WORK IF PEOPLE KEPT SENSITIVE STUFF AWAY FROM THE PUBLIC NETWORKS IN THE FIRST PLACE.
Why don't they worry about easier ways of causing trouble in a creative way such as, say, painting ships with explosive paints when they are serviced? Or causing trouble in very un-creative ways, what seems to work well anyway?
Contrary to the popular belief, there indeed is no God.
Only now do they see (the American government) the folly at sending out everything to be outsourced in china??? Come on guys, you pay yourselves big salaries at our expense then you realize your mistake by sending everything overseas to have the "cheaper price" but don't even realize that now the Chinese can control all pcs with the click of a button....should they so choose to?
"Sad but true"
They are chips dummy, hows that offtop?!
You failed to understand it.
The presence of a defect would be obvious once one of the implementation's results differed. Given a data set, any stable sorting routine, and comparison of the results from the sort on two independent platforms, you could identify the existence of a defect. Once you have three platforms, you can identify the defective implementation, and you can forward the results of the correct computation (define as winner of best 2 out of 3, aka "consensus") on to the next stage in the processing sequence.
These chip-based attacks could only look for particular instructions, or sets thereof, in certain combinations. Using two architectures would make implementing identical defects next to impossible because there is only a small overlap of instructions which are functionally identical. Combining it with a software virtual machine (that can be compiled and whose compiler output can digitally signed and verified) would also either break up or obfuscate any instruction sequence to the point of making instruction sequence-based attacks pointless.
Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.