Can You Trust Chinese Computer Equipment?

Ian Lamont writes "Suspicions about China slipping eavesdropping technology into computer exports have been around for years. But the recent spying attacks, attributed to China, on Google and other Internet companies have revived the hardware spying concerns. An IT World blogger suggests the gear can't be trusted, noting that it wouldn't be hard to add security holes to the firmware of Chinese-made USB memory sticks, computers, hard drives, and cameras. He also implies that running automatic checks for data of interest in the compromised gear would not be difficult." The blog post mentions Ken Thompson's admission in 1983 that he had put a backdoor into the Unix C compiler; he laid out the details in the 1983 Turing Award lecture, Reflections On Trusting Trust: "The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect."

put a backdoor into the Unix C compiler ?

The referenced to article doesn't actually state he included a back door. It was a proof of concept demo apparently: Suppose we wish to alter the C compiler

"one the creators of Unix, admitted that he had included a backdoor in early Unix versions. Thompson's backdoor gave him access to every Unix system then in existence"

israeli's have been doing this for 20 years

[cluemore]

talk about yer hardware backdoors ... this one is a pseudo random number generator that can be rigged to generate predictable keys. http://www.antiwar.com/orig/ketcham.php

Back doors in hardware

[Animats]

DoD is really worried about this. They're trying to develop ways to efficiently examine ICs to check for unexpected "features". Right now, it's necessary to open up the IC and put it under a scanning electron microscope, then use software that can extract the logic diagram from the scan.

One of the obvious places to put in a "back door" is in Ethernet controllers. Many used in servers already have logic for hardware "remote administration" (turn machine off, reboot, load code, etc.). It is supposed to be disabled by default, and work only when initialized with keys during hardware installation. Just build a set of default remote administration keys into the chip, and everyone using that chip is 0wned. Send the right UDP packets, and you can take over the machine. This would be completely invisible until activated.