Counterfeit Chips Raise New Terror, Hacking Fears 173
mattnyc99 writes "We've seen overtures by computer manufacturers to build in chip security before, but now Popular Mechanics takes a long look at growing worries over counterfeit chips, from the military and FAA to the Department of Energy and top universities. While there's still never been a fake-chip sabotage or info hack on America by foreign countries or rogue groups, this article suggests just how easy it would be for chips embedded with time-release cripple coding to steal data or bring down a critical network - and how that's got Homeland shaking in its boots (but not Bruce Schneier). While PopMech has an accompanying story on the possible end of cheap gadget manufacturing in China as inflation rates soar there, it's the global hardware business in general that has DoD officials freaking out over chips."
ARRRGH! TERROR! (Score:5, Insightful)
Do you suppose someone figured out that "terror" is a funding goldmine? That the way to ride this gravy-train was to pump up the volume on the "terror" megaphone?
It's pretty funny - 'til the unintended consequences land you "in internal exile", or "extraordinary rendition".
Re:ARRRGH! TERROR! (Score:5, Insightful)
"Free speech" - "Think of the children", by the FCC
"Marijuana/drugs" - "Think of the children", by the DOJ
So, combine "think of the children" and "terrorists", and the Constitution becomes irrelevant.
Re:ARRRGH! TERROR! (Score:4, Funny)
Re: (Score:2, Interesting)
Re: (Score:2)
Re: (Score:2)
I think the public is already cynical and jaded from overuse of these two expressions. What is needed now is an immediate putdown for them. Something snappy and to the point. Something like "The kids are alright." or "...and their 72 virgins." Once these reach meme status, the healing of western civilization (what's left of it) can begin.
It could be a joint-effort with 'War on Xmas'! (Score:2)
Smoke and Mirrors (Score:3, Interesting)
Re: (Score:2)
Then, the chip maker can tell someone that genuine chips, if given the value of "foo" with the function, will output a hash "bar", and then give a list of "bar" outputs. Then, periodically change the "foo" value so if someone
Re: (Score:2)
Re: (Score:2)
In other devices, the chips can probably be copied more easily, but replacing the chips would be quite difficult, like in say a
Re: (Score:2)
Counterfeit chips not required (Score:5, Insightful)
I work in the field of modeling & simulation supporting training and flight testing for the Army. Time and again when I've tried to find an ICD (interface control document) or spec on a low-level protocol for some box on an Apache Longbow in the end it discovered that the Government never bought said document from the manufacturer (McDonnell-Douglas, or now, Boeing). Each thing is simply an LRU (line-replaceable unit) black box whose innards are irrelevant -- the I/O is documented but when they fail the box goes back to the vendor for repair. And if you want the specs, call Boeing and they'll be happy to talk sales. US DoD acts this way in the name of "cutting costs" and the up-front bottom line probably is lower. For US companies, such as Boeing, this is no big deal since we're more or less all on the same team.
Now, flash forward -- DoD is increasingly awarding aircraft contracts to non-US companies. Take the recent US Army LUH (Light Utility Helicopter) that went to EADS North America (or the Airforce tanker contract that went likewise to EADS). This same cost-cutting "don't need this spec or that spec" mentality is still used. Now you have entire military aircraft being delivered with large-scale black boxes (easier to build than counterfeiting chips) which are potentially just as rogue. Who's to say there's no malicious firmware in there? No one seems to be looking or caring. Can anyone prove that any given system isn't poised to intentionally upon receipt of some pre-planned stimuli?
There's a lot more to worry about than "terrorists" -- mindless bureaucrats can be just as dangerous. The funny thing here is the opposition I've run into pushing for the adoption of Open Source tools. Despite a few agencies here and there employing Open Source with great success, a few memos of "endorsement," and a few official studies touting value, most DoD bureaucrats can't get past the "source is open to 'hackers' therefore must be a security threat" mentality.
Department of Dumbasses, your US tax dollars at work.
Re: (Score:2)
http://deoxy.org/lawenfor.htm [deoxy.org]
"Let's just say that those who don't study history are doomed to get their butts kicked by the geeks who do."
--Kevyn http://www.schlockmercenary.com/ [schlockmercenary.com]
And who would know history and how to rape the proletariat better than our two current parties?
Re: (Score:2)
I use that line constantly, especially while watching the news and seeing the latest "terror" report.
The Counterfeit Bolt Problem (Score:5, Informative)
A construction worker was killed while torguing such a bolt while building the Saturn car factory. The head tore off and he fell to his death.
In the same article where I read this, a general complained that you could find broken bolts littering the ground in the path of tanks on training maneuvers.
There is a way to test bolts for strength, but it's expensive.
Re: (Score:3, Interesting)
Re:The Counterfeit Bolt Problem (Score:4, Insightful)
That'll significantly add to the cost when your price per unit is measured in pennies.
Re: (Score:2)
Which means insurance, testing, paperwork (in triplicate at a minimum), inspections, etc etc etc.
That'll significantly add to the cost when your price per unit is measured in pennies.
I agree, but space agencies have to deal with the extra costs due to electrical (and other related) components needing to be within more precise tolerances. Why not mission critical bolts? The space shuttle is held to the launch platform by two huge explosive bolts that only detonate and release the shuttle after the on-board computers determine all three main engines are fired up properly. How much is too much additional cost to ensure you don't lose a $1 billion+ space vehicle because of faulty bolts?
Re: (Score:2)
Re: (Score:3, Insightful)
Where the hell was this plant being built? That worker should have been wearing fall protection.
Re:The Counterfeit Bolt Problem (Score:5, Funny)
YEAH! They make these special bolts, which are super strong...oh wait.
Re: (Score:3, Informative)
Re:The Counterfeit Bolt Problem (Score:4, Insightful)
Anyway, the only reason why Homeland Security is sh*** its pants on this is that the biggest spook sabotage achievement on USSR was apparently done this way when a gas pipeline blew up due to malfunctioning of counterfeit gear. However, we do not live in the 80-es. The computers and control gear has grown much more sophisticated and frankly, if anyone wants to plant such a bomb today they will do it in software. Much cheaper and much higher probability of success.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Of course in China and whatnot the requirements are much lower.
Re: (Score:3, Insightful)
More expensive than wrongful-death compensation? Someone must have amortized this.
Re: (Score:2)
Re: (Score:2, Interesting)
Execute every manager and owner of a company found to engage in such corruption.
Such corruption strikes at the very heart of civilized society, and it should be punished with ferocious justice. It is time people in positions of authority answer for their incompetence with their lives.
Re:The Counterfeit Bolt Problem (Score:4, Interesting)
However, if executives were required to spend time IN JAIL, that might be pretty effective. Charging Mr. $$$$$$$$$ a few $$ isn't going to hurt him much. He needs to actually sit in a cell and have his photo taken for the newspaper.
Re: (Score:2)
Re: (Score:2, Insightful)
When corruption benefits those in power, why would they make any effort to stop it?
Re: (Score:2)
I would also point out, that when buying materials for construct
Re:The Counterfeit Bolt Problem (Score:5, Informative)
I've spent ten minutes googling combinations of bolt, shear, torque, substandard, high-strength, fell, factory, saturn, construction, osha, death, died, fall-hazard, snopes, urban-legend and a dozen other word combinations... no sign of this in or out of snopes.
Testing precisely is expensive. Testing within an order of magnitude isn't: twist until the bolt-head shears. As for low-grade metal being substituted in, I know a few pipefitters that can do a so-so job identifying metal composition by looking at how the metal grinds and the color of the sparks coming off the grinder.
Re: (Score:3, Informative)
It *was* a long time ago (Score:2)
It was considered a huge and serious problem. Quite possibly something has been done to solve it since then.
Re: (Score:2)
rj
So maybe there is a market... (Score:2, Interesting)
...for this [slashdot.org], after all.
The focus of comments through the article was that very few people had actually come across counterfeit chips, and the financial repercussions were limited. This shifts the focus to security, which does raise different questions
Re: (Score:2, Informative)
So, the use of one of the many obsolete parts vendors (companies that specialise in the supply of older parts, often bought as exce
Re: (Score:2)
I wonder how often counterfiet chips end up in things like medical gear without being noticed, it is a rather scary thought and potentially far more dangerous than a carefully chosen substitution by engineers who know the product.
Not Wise... (Score:2)
Digital Picture frames. (Score:5, Interesting)
Re: (Score:2)
TFA (Score:4, Informative)
The US DoD depending on the global hardware business is the scariest implication to me.
And one more thing.. this almost sounds like it could be a back door for even stronger DRM technology, embedded in hardware, in our personal computers in the future. SO, how far off base am I this time?
Re:TFA (Score:5, Insightful)
Without spraying details all over, there are many more ways to get a small piece of code inside a very secure facility, after which it's game on for the IDS system.
Even if nothing is found in the wild like this, fear of it might indeed push DRM et al into all manner of devices.
On the short list: Secure facilities should not be allowing electronic devices into their facilities. period. if they want to stay secure. No DRM should be trusted to fully do this job in such instances of security like are required for the Pentagon, military bases etc.
Adding DRM to commercial and personal use devices will NOT... repeat NOT increase security.
Re:What if the Trusted Platform Module is the fake (Score:2)
Re: (Score:3, Interesting)
What we're talking about there is Cold war V2.0 with China.
There is no shortage of people who theorize that Russia at one point might have been able to pull of some crazy hack that disabled all of our electronics using Tesla tech; what we're talking about here is an ACTUAL ability for China to do it.
The real solution to this problem is to bring manufacturing back to the United States.
Unfortuna
Re: (Score:3, Insightful)
Lou Dobbs? Is that You! (Score:3, Interesting)
They have seeded stories from Military and "Intelligence" sources for years.
Re: (Score:3, Interesting)
Re: (Score:3, Informative)
The NSA fabs its own processors at Fort Meade.
Most of these other chips are general purpose and used in a wide range of commercial applications. The idea in investing in the additional infrastructure to produce components locally will mean more foreign debt for US, increased taxes and would probably fail in the long run since licensing costs of all the various chips out there used in defence/aerospace would kill you if your only serving the military (commercial organisations wont buy if they can source it
Re: (Score:2)
Maybe we need to re-examine that as a possible income source.
Re: (Score:2)
Re: (Score:3, Informative)
Re:TFA... HOW can you call it war? (Score:3, Interesting)
If the US government (by extension, the wealthy, the connected, the power brokers, then the consumers/prosumers) want cheap goods, then they will be made in China or elsewhere. If the US wants security to not be threatened by counterfeit goods (bads) then it OUGHT to SHUT UP and bite the bullet and manufacture ALL infrastructure-threat-capable electronics domestically.
But, it can't. It can't because to do so would buck or contravene many conventions, trade acts, and agreements. If t
Re:TFA (Score:4, Informative)
I think it would depend on the context. From TFA:
However, not all experts agree that the risk is severe. After all, there's never been a report of a foreign country or criminal outfit using such technology to steal information or commit sabotage. (The United States did successfully conduct such a mission against the Soviet Union during the Cold War.)
If I'm not mistaken, the mission they are referring to [msn.com] was in 1982, when the US let the Soviet Union "steal" software that helped run a natural gas pipeline. The Russians were in the habit of stealing US technology, so the US secretly embedded the software with code that would- when run- cause the pressure in the pipes and pumps to go sky-high.
The result:
"The result was the most monumental non-nuclear explosion and fire ever seen from space."
Was this an act of war? Not really, since the code was stolen. Maybe sabotage. Terrorism? No, but it probably sent a message to the Kremlin that stealing foreign technology may not be a good idea...
W
Re: (Score:2)
There are international treaties that regulate how you can or can't treat prisoners of war that the US government would rather not adhere to.
If there isn't a war, just a bunch of "terrorist", you can simply ignore those treaties.
New terror is hacking fears (Score:4, Insightful)
Indeed... the "War on Terror" is nothing more than various groups of people trying use terror to "hack our fears". The terrorists try to hack our fears to gain power over us, and the governments fighting them do the same.
Five Words (Score:5, Insightful)
If you don't want counterfeit parts, pay for the appropriate controls and enforce them. The government has been trying to build government-class security and reliability on COTS technology for far too long.
If that means domestic production, so be it.
Re: (Score:2)
If any of these items can not be successfully accommodated, then you shouldn't use COTS parts in your product. With respect to this discussion, #1 and #3 are in question, and debatably #2.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Turnabout (Score:2, Interesting)
One wonders whether the reverse is true, and if so, why other countries are not freaking out about it...
Re:Turnabout ... Intruder... Fair Play? Only dolts (Score:2)
Criminals always evolve. Well, at least the smarter of them. To ignore this is simply burying ones head in the sand.
Marking this off-topic is akin to burying head in sand.
Get it?
Keep manufacturing in the US (Score:2, Insightful)
"All your chip are belong to us!" (Score:2)
"Someone set us up the server!"
That explains it! (Score:5, Funny)
Another one for you (Score:5, Funny)
My brother has a Shrap calculator. (Yes, S-H-R-A-P, not Sharp). The lettering looks exactly like the lettering used by Sharp during that time period (1980s). He keeps it for the humor value.
"From Shrap minds come shrap products..."
This kind of thing really does happen.
Re: (Score:2)
Re: (Score:2)
In Poland, I've read that according to polls, 50% of people admited to (still) buying counterfeit goods. I think this has a lot to do with the post-communist situation, where upon the lifting
Re: (Score:3, Funny)
And thanks to all the explosive batteries in the cheap knockoffs, from shrap products comes shrap nel....
Re: (Score:2)
Never been a fake-chip sabotage (Score:2)
Wasn't there some question about Levono's laptops recently and their potential to secretly spy on its users at a hardware level? While not exactly the same, it is similar.
More Word Games (Score:2, Insightful)
Define Counterfeit
Isn't this hashing over the same deal where the "counterfeit" parts were really just unauthorized copies of a good board? How is it "Anti-Terrorism" to terrify the crap out of unsuspecting people with far-fetched hypotheticals?
Articles like: "The danger of installing foreign designed, foreign made black boxes in our infrastructure" just sounds obvious, and the answer is obvious too: make your own boxes.
These so-called but not-exactly-counterfeits are a problem caused by a lot of shor
NSA (Score:2, Interesting)
Consensus of different implentations (Score:3, Insightful)
Just do the same algorithm on different hardware architenctures and at least one different virtual machine implementations. (Use a minimum of three implementations!) Take the answer that two agree on and forward that on to the next step in the pipeline. It would be difficult if not impossible to produce a counterfeit chip that could produce undetectable deviations in both software and hardware machines.
"Never set sail with only two compasses - use one or three."
Re:Consensus of different implentations / nonsense (Score:2)
Chips are so complicated and difficult to test that it might take anywhere from 1 second to a million years or more for the intentional defect to show up even if you guessed the correct algorithm.
the ongoing effort to make DRM mean security (Score:2, Insightful)
end of cheap gadget manufacturing in China (Score:2)
Cheaper chinese goods that are flooding in help keep prices down overall.
The CIA did this... (Score:5, Interesting)
In fact, it culminated in the mid 80's when a brand new pipeline was turned on with turbines taken from America via a Canadian intermediary. The turbines purposely malfunctioned and the resulting blast was about 1/4 the size of Hiroshima. Taking out such an important oil pipeline made a non-trivial dent in the Soviet economy.
Look up the "Farewell Dossier".
What is old is new again.
They would know (Score:2)
It would be so easy to put a back door into AMT (Score:4, Informative)
The easy way to attack remote systems at the hardware level would be to preload a back-door key into Active Management Technology. [wikipedia.org] All the hardware is already there to remote control the computer, without any help from the operating system. By default, this feature is supposed to be disabled. But a minor firmware change, initializing the AMT unit with a second hidden key instead of leaving it disabled, would make it possible to take over any corrupted machine from a level below the OS.
AMT is the latest form of this, but there's also ASF (AMD's version), and RCMP (works over UDP, while AMT is a web service).
This is tough to detect, short of cutting open the network controller chip and tracing the wiring with a scanning electron microscope. That's quite possible and tools for it exist, but it's not cheap.
Re: (Score:2)
A UDP service would be a little harder to detect, but UDP ports can be scanned too.
Hackers are cheapskates too... (Score:4, Insightful)
Fix the world's software and then those industrious rogues might decide the expense and lengthy process of counterfitting physical chips is worthwhile compared to a quick piece of spyware.
Already been done, but it's difficult (Score:5, Informative)
As someone who works in chip verification, I can tell you it's very difficult with most chips to do this, as long as the chips are designed in the US -- which is still largely the case, that they're designed here and produced in fabs in China (because labor's cheap and they don't care if their workers are exposed to HF and silane as long as money's coming in.)
You know *exactly* what size your chip die is. If the silicon comes back from the fab with a different-sized die, it will be very obvious. So nobody can put extra stuff onto an existing die. Die size is the single most critical aspect of most designs, because of the cost, so existing designs are jammed just as tightly as they can possibly be. You can't put more functionality into an existing die size. The problem, then, is letting your design out. (And even then, a competent chip designer could probably spot strange material on a smaller die because they're familiar with how the layout is supposed to look.)
There are some amazing military-grade chips out there. I was reading about the Maxim DS3600 [maxim-ic.com] the other day -- on-chip encryption and tamper-sensing, including detecting temperature changes and reacting by blanking all the on-board memory and stored encryption keys in nanoseconds, far faster than dumping liquid helium onto the chip would be able to freeze the memory for decoding. (They use some whack process for continually load-levelling and rewriting the keys so you can't use stored oxide charge to read what was there before it got blanked, either.) That kind of stuff is on the common market, available for anyone to buy. I assume the military has better stuff yet, and espionage people even better.
At the end of the day you have to be able to trust someone or you'll just crouch in your basement. But there are ways to verify a chip's functionality and look for clearly bogus interactions. Our chip test systems make it easy to distinguish chips from different silicon lots, much less from different fabs. As always, if you buy the cheap stuff you don't know what you're getting, but if you spend the money to do some research, you'll have a much, much better idea of what you're getting. In this case, money in the millions of dollars, granted, but if you're designing military-grade stuff, well, that's why you buy from companies with a track record of producing trustworthy stuff.
Re:Already been done, but it's difficult (Score:4, Interesting)
But it would require only a handful of malformed vias among millions to make your 'military grade' memory-wiping electronics get stuck at 'do not wipe' and your built-in test hardware get stuck at 'no problem'.
Just my $0.02
Re: (Score:3, Insightful)
Re: (Score:2)
Why, of course! Look no further [blogspot.com]!
On a serious note, it's interesting to see, that during the Cold War with a real threat of thermo-nuclear war the government tried to prevent mass-paranoia by spreading untruthful propaganda, while now they are doing exactly the same, but with th goal of causing mass paranoia.
24 years on... (Score:2, Informative)
Profit! (Score:3, Funny)
2. Religion
3.
4. Profit!
I'm John McCain, and I approve this message.
Schneier (Score:2)
"It's certainly possible for the world's major espionage services to secretly plant vulnerabilities in our microprocessors, but the threat is overblown," says Bruce Schneier, chief technology officer of the data security company BT Counterpane. "Why would anyone go through the effort and take the risk, when there are thousands of vulnerabilities in our computers, networks and operating systems waiting to be discovered with only a few hours' work?"
War on Death (Score:2)
Seriously, _THAT_ is what they are concerned about -- counterfeit chips. The most expensive, slow and convoluted way of causing security leaks THAT WOULD NOT EVEN WORK IF PEOPLE KEPT SENSITIVE STUFF AWAY FROM THE PUBLIC NETWORKS IN THE FIRST PLACE.
Why don't they worry about easier ways of causing trouble in a creative way such as, say, painting ships with explosive paints when they are serviced? Or causing trouble in very un-creative ways, what seems to work well anyw
You mean to tell me... (Score:2, Insightful)
"Sad but true"
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Don't fear fear, use fear....whether yours or others...
Strangely enough, using it is the only way to avoid it...
Re:Awesome! Waterboarding??? (Score:2)