Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hiding Backdoors In Hardware

Posted by Soulskill on from the hamster-escape-route dept.

quartertime writes "Remember Reflections on Trusting Trust, the classic paper describing how to hide a nearly undetectable backdoor inside the C compiler? Here's an interesting piece about how to hide a nearly undetectable backdoor inside hardware. The post describes how to install a backdoor in the expansion ROM of a PCI card, which during the boot process patches the BIOS to patch grub to patch the kernel to give the controller remote root access. Because the backdoor is actually housed in the hardware, even if the victim reinstalls the operating system from a CD, they won't clear out the backdoor. I wonder whether China, with its dominant position in the computer hardware assembly business, has already used this technique for espionage. This perhaps explains why the NSA has its own chip fabrication plant."

6 of 206 comments (clear)

  1. Undetectable? by countertrolling · · Score: 5, Insightful

    What, you can't sniff the traffic going in and out of your machine?

    --
    For justice, we must go to Don Corleone
  2. proprietary firmware by ArcRiley · · Score: 5, Insightful

    You don't even have to go to this great of a length; if you want to root Linux machines, release a proprietary driver in the form of a binary Linux kernel module and watch as your customers blindly install it.

    This is one reason why we should insist on the source code to all firmware - or reverse engineer write new firmware ourselves.

    1. Re:proprietary firmware by Salamander · · Score: 4, Insightful

      This is one reason why we should insist on the source code to all firmware - or reverse engineer write new firmware ourselves.

      "We" should reverse-engineer more firmware "ourselves" eh? When I see them at lunch, I'll let the subset of "we" who actually do such things know that somebody with an Ubuntu address said so. That'll be good for a few laughs.

      --
      Slashdot - News for Herds. Stuff that Splatters.
    2. Re:proprietary firmware by Anonymous Coward · · Score: 3, Insightful

      Why so snarky? I don't know who either of you are, but there are many ways to contribute to open-source computing. For instance, on the development, legal or political fronts. The GP's comment is wishful thinking, but that doesn't warrant getting your hate on.

  3. how do you hide it from QA? by alen · · Score: 4, Insightful

    everyone knows it's easy to slip backdoors into hardware, but hiding it is the hard part. every fabless chip maker does spot checks of their products and will find these backdoors. at the very least they will find that the shipping products aren't like the ones they designed with extra circuits.

    anyone with data that's worth keeping secret will have it behind firewalls and all kinds of security appliances that will start flashing alerts if there is traffic to a high risk geographic area

  4. Re:NSA Fabrication Plant... by mrsteveman1 · · Score: 4, Insightful

    By which I mean the summary is in error.

    That's what they want you to think.