Amiga.org
Operating System Specific Discussions => Other Operating Systems => Topic started by: takemehomegrandma on May 28, 2012, 11:29:33 AM
-
Researchers at the Cambridge University has discovered a secret back-door in American military chips manufactured in China.
"The backdoor was found to exist on the silicon itself, it was not present in any firmware loaded onto the chip. Using Pipeline Emission Analysis (PEA), a technique pioneered by QVL we were able to extract the secret key to activate the backdoor. This way an attacker can disable all the security on the chip, reprogram the AES key, access unencrypted configuration bitstream or permanently damage the device. Clearly this means the device is wide open to intellectual property theft, fraud, re-programming and reverse engineering of the design to allow the introduction of a new backdoor or Trojan. Most disturbingly, it is not possible to patch the backdoor in chips already deployed which means those using this type of chip have to live with the fact it can be easily compromised or they will have to be physically replaced after a redesign of the silicon itself." (Link (http://www.cl.cam.ac.uk/~sps32/sec_news.html#Assurance))
Trojans and worms are very suitable to exploit back-doors like this, and maybe it has already happened? In 2010, the worm Stuxnet (Link (http://en.wikipedia.org/wiki/Stuxnet)) targeted with marksman's precision certain Siemens industrial equipment in Iran (read: that the centrifuges used to process nuclear fuel), in a way that most experts agree could only happen with nation-state support, and the US and/or Israel are high up on the list of suspects. In 2007, Israel made an air assault on targets in north-eastern parts of Syria. What was a bit "peculiar" about this, was how the Syrian state-of-the-art Radar System went down prior to the attack and could not warn about the attack. It wasn't long before military and technology bloggers concluded that this was an incident of electronic warfare - and not just any kind. Post after post speculated that the commercial off-the-shelf microprocessors in the Syrian radar might have been purposely fabricated with a hidden ”backdoor” inside. By sending a preprogrammed code to those chips, an unknown antagonist had disrupted the chips' function and temporarily blocked the radar. (Link (http://spectrum.ieee.org/semiconductors/design/the-hunt-for-the-kill-switch))
Question is who put in those back-doors? China? The US? The chip designers on their own initiatives? 99% of all CPU's are manufactured in China, but mostly they are designed and ordered by US (or other western) corporations, like Intel, AMD, TI, Apple, etc. Pentagon alone buys about 1% of the worlds entire processor production. And as mentioned above, US/Israel can have used those back-doors already. On the other hand, another peculiar event was when Iran hacked a US stealth drone and managed to land it safely and take it into their possession (Link (http://www.wired.com/dangerroom/2011/12/iran-drone-hack-gps/)), and many speculations about this suggests involvement/help from China in order to accomplish this.
Anyway, no matter who put in those back-doors, they go both ways; now when they are known they can be used by anyone with the appropriate know-how...
-
This is old... And for the drone wasn't such a backdoor needed.
They didn't need any hacking at all. Just overlay the gps signals and the drone will think it lands at homebase.
Drones are quite primitive..
-
I had heard of USA and UK having backdoors put into chips so they can override systems.
-
The "Flame" malware is the next cyber-warfare effort, obviously made by a nation-state, such as the US or Israel (given the selected targets). The Flame was discovered by Kaspersky Lab's experts during an investigation prompted by the International Telecommunication Union (ITU), which is the UN agency for information and communication technologies. The primary purpose of Flame appears to be cyber espionage, by stealing information from infected machines. Such information is then sent to a network of command-and-control servers located in many different parts of the world. It is estimated that it has been in operation since March 2010, but such is the complexity of the malicious software (far greater than Stuxnet) plus the targeted nature of the attacks, that no security software detected it. Kaspersky say that the fact that this has been under the radar for so long, suggests "that there are other operations ongoing that we don't [yet] know about."
http://www.ynetnews.com/articles/0,7340,L-4235231,00.html
http://www.valuewalk.com/2012/05/flame-virus-the-new-player-in-cyber-terrorism/
http://www.ibtimes.co.uk/articles/346076/20120528/flame-virus-discovered-cyber-attack-weapon-middle.htm
http://www.timesofisrael.com/yaalon-on-flame-virus-the-west-is-using-all-the-means-at-its-disposal-to-prevent-a-nuclear-iran/
http://www.google.com/search?aq=f&sourceid=chrome&ie=UTF-8&q=flame+virus
-
I guess that would make them "backdoor bandits"...... groan....
-
No Chinese backdoor in military chip (http://erratasec.blogspot.com/2012/05/bogus-story-no-chinese-backdoor-in.html).
-
No Chinese backdoor in military chip (http://erratasec.blogspot.com/2012/05/bogus-story-no-chinese-backdoor-in.html).
SO if you see some little wires coming out of your Military device and running off to a hackers USB port somewhere in the distance. Don't trust it...!!!
Never let the facts get in the way of a good story.
LOL
-
The real question everyone is asking is: could this QVL technology be used to recover CyberstormPPC sources so we can reprogram it to accept 512MB of fastram? ;-)
-
This news throws Doomy's entire worldview into chaos!