Forgot your password?
typodupeerror
Security The Military United States Technology Hardware

DARPA Sponsors a Hunt For Malware In Microchips 106

Posted by timothy
from the double-barreled-microscope-loaded-for-vermin dept.
Phurge links to an IEEE Spectrum story on an interesting DARPA project with some scary implications about just what it is we don't know about what chips are doing under the surface. It's a difficult problem to find invasive or otherwise malicious capabilities built into a CPU; this project's goal is to see whether vendors can find such hardware-level spyware in chips like those used in military hardware. Phurge excerpts: "Recognizing this enormous vulnerability, the DOD recently launched its most ambitious program yet to verify the integrity of the electronics that will underpin future additions to its arsenal. ... In January, the Trust program started its prequalifying rounds by sending to three contractors four identical versions of a chip that contained unspecified malicious circuitry. The teams have until the end of this month to ferret out as many of the devious insertions as they can."
This discussion has been archived. No new comments can be posted.

DARPA Sponsors a Hunt For Malware In Microchips

Comments Filter:
  • All about China (Score:5, Insightful)

    by elrous0 (869638) * on Thursday May 01, 2008 @09:25AM (#23262300)
    It cracks me up how the U.S. government is always taking ludicrous steps to "protect national security," fighting off hacker attacks with billions of dollars in specialized firewalls and security, using NSA backdoors into windows, etc. And all the while they're lecturing us on all these heavy-handed precautions, they're doing EVERYTHING, classified and not, on computers built largely of Taiwanese and Chinese manufactured chips and motherboards.

    Looks like someone finally clued these geniuses of national security in on the obvious Archilles' heel in their web of protection.

    I just hope our clueless protectors have at least had the common sense to slip in some spys at that new big "Fab 68" [forbes.com] Intel plant they're building in China.

    • by jamesh (87723)
      I've wondered this too, although more along the lines of what if 'war were declared'? Really cloak and dagger cold war stuff where we're never sure who is friend and who is foe, and even if we are sure it changes on a daily basis anyway. Suddenly the only people you can really trust to build your stuff are the people born and bred inside your borders. It would change _everything_, even if a shot were never fired or a bomb was never dropped...
      • by maxume (22995)
        It's worse than that, the only people you can trust are your neighbors.

        No wait, it's worse than that, the only people you can trust are your relatives.

        No wait, it's worse than that, they only people you can trust are your direct family.

        No wait, it's worse than that, the only people you can trust are direct family who haven't betrayed you yet.

        No wait, it's worse than that, the only person you can trust is yourself.

        Nationalism is a powerful force, but it's just tribalism writ large.
        • Can you trust yourself?
        • by Chrisq (894406)

          No wait, it's worse than that, the only person you can trust is yourself.

          That's what I thought before I came to love Big Brother. (If you're thinking the TV show you haven't got a clue)
        • Think of this program in reverse. The DoD/NSA would like this functionality in chips everywhere. They would like to know if it can be detected.
    • by btarval (874919) on Thursday May 01, 2008 @09:45AM (#23262546)
      Well, considering that the current wave in high-tech is to outsource the hardware development, it's a very valid concern.

      Here's a classic example. Startups in Silicon Valley prefer not to bring in a hardware team to develop a new box from scratch, especially when they can just buy a COTS box elsewhere for the first round. The Imaginary Property resides in the Software Apps that they can develop to run on these boxes.

      Consequently, they contract out with companies that used to be known for their motherboards, but who have moved up and will sell you a complete cutting edge system, and customize it to meet your needs. No hardware development time is required, and it's a lot cheaper.

      The catch is that, in order to support these boxes, the Startup or the customer MUST NEVER OPEN THEM. If you do, you void the warranty. At $10,000-$20,000 per box (in the storage biz) that's a very strong incentive to never ever peek inside.

      Add to that proprietary IPMI [wikipedia.org] cards.

      In short, these boxes are the best backdoor into an Organizations' IT infrastructure. You'd be surprised at the big, well-known names currently deploying them.

      The beauty of this approach is that most of these companies are based in Taiwan. Simply put, with little effort, Taiwan gets to own both China and the U.S. at the same time. That would be amusing if it weren't so sad.
    • having JUST replaced about 6 capacitors in an older motherboard (due to bad chinese caps, infamous story from about 5 yrs ago) - I concur!

      trusting ALL our electronics to the chinese is a fool's decision!

      then again, we have had a good amount of fools running this country, so I'm not all that surprised.

      if I was president (yeah right..) I would create a program to ENSURE that all chips, transistors, parts (etc) are ALSO made here (at least for security related equipment and sensitive gear). we NEED to have ma
      • Re: (Score:3, Insightful)

        by elrous0 (869638) *
        Not only that, but what if China ever decided to embargo us? It would (for a time at least) cripple most of our tech industry.
        • Not only that, but what if China ever decided to embargo us? It would (for a time at least) cripple most of our tech industry.

          its true and could be a very real possibility in the future.

          its dangerous, I think, to put so much trust in foreign manufacturing. for economic as well as security and 'peace of mind' reasons, it would be really good if this could be addressed. imagine taking even just 1 month's worth of 'iraq money' and creating (funding) local manuf in the US for essential things (not just electr
        • Re: (Score:3, Informative)

          by quanticle (843097)

          The thing with embargoes is that they work both ways. Currently, China is so dependent on the US consumer market to absorb its production that an embargo would hurt them as much as it hurts us.

          The other thing is that, despite what you've been hearing, China is not the be-all-end-all for electronics. Korea still holds the crown for manufacturing memory, Taiwan is still the leader for TFT LCDs, Israel is still manufacturing networking equipment, etc. If China embargoes the US, these other countries will r

          • by mgblst (80109)
            The Euro zone is a pretty big importer of China tech as well. Then you have Japan, and the rest of the world.

            Of course, the US is still too big a market for them to do this. One of the reasons that the US dollar hasn't fallen further, is that it is in Chinas interested to keep it high, or they would lose a lot of money.
          • by Lumpy (12016)
            On the other hand, China's only large customer is the US. If they slap an embargo on the US, the US can go to other suppliers, whereas China has few other customers rich enough to buy the massive quantities of goods they are producing.

            no we cant. companies like Apple and Dell would go out of business overnight as their products shoot up in price 300%. that new Macbook Air is no longer salable at $4500.00. not to mention the myriad of smaller companies that would go out of business overnight as sourcing I
            • by quanticle (843097)

              That may be true, but you also have to look at the impact on China. Think of the thousands of factories that are dedicated almost exclusively to supplying companies like Dell, Wal*Mart, Apple, etc. If our companies go out of business, then, guess what? Those factories go out of business too. And, given that China is a totalitarian country, its more afraid of unemployment and economic hardship than we are. Historically, dictatorships have been more vulnerable to political discontent fueled by economic h

        • Regarding Manufacturing Return.

          Yes indeed! We should keep of all critical parts, components, and materials about 30% production here (USA or within the EU, etc). These companies should focus on top quality manufacturing - not "good enough". Then these companies should be subsidized a little to make up for cheaper parts offshore.

          We already do this in the USA for some items. Take farming for example. Many crops are subsidized for the same reasons we need other vital manufacturing elements supported. Take the
      • Your skill set, intelligence behind this, etc.

        I replace a few things from time to time and I am rank beginner kit type guy (i.e. Nixie Clock kit, with WWV update). Kudos to you for finding and doing this. Most people today, 99.999%, would shrug and replace the whole board.

        So how about some details. In addition to your great pictures.
        1. A capacitor failure is always plainly visible like this?
        2. What are the three most common failures in electronics? How to find and fix them? Perhaps this answer is on a blog
    • I for one have always assumed that the hardware was an active vector for security failure. Why ANYONE who has not personally audited all the circuitry in all their chips would ever assume any different is beyond me. Actually I was always mostly worried about those Isreali ethernet chips. I have absolutely nothing to hide, but I still refuse to carry a GPS phone, and my private files are on an offline node with no WiFi, &c. Nothing wrong with being paranoid, as far as I'm concerned, I think we are all ju
    • by sm62704 (957197)
      It cracks me up how the U.S. government is always taking ludicrous steps to "protect national security,"

      "National Security" means protecting cowardly politicians. How many US politicians take a train? None? Do you have metal detectors ate the train station? No? But try to get on an airplane!

      Are there metal detectors at Walmart or JC Penny or the grocery store? Nope. But they're at the place you get license plates and in the courthouses and city halls.

      They don't worry about YOUR securiuty and safety, they wo
    • by swrona (594974)
      It comes down to this: When SkyNet attacks, do you want the Terminators to speak with a Chinese accent?
    • Well, we don't want SkyNet to be controlled by Chinese malware do we? It's bad enough that it will eventually mutate into the ultimate MalWare on it's own...
  • I already found the hidden "porn" circuitry.
  • by Erie Ed (1254426) on Thursday May 01, 2008 @09:30AM (#23262380)
    This is going to be a huge issue in the future. Another reason why buying anything not made in the US is a bad idea. We have MIL-Spec products for almost everything, yet most of our comm equpiment is simply COTS with slight modifications to the software/hardware. I'd really like to see intel/amd move operations back to the states just for this reason, also it would be a benifit to the government and the american people. The government gets what they want secure, malware free chips, and americans get good paying jobs back.
    • by Applekid (993327) on Thursday May 01, 2008 @09:33AM (#23262406)
      Although I do agree from a military perspective the less reliance on others is probably for the best, "Made in the USA" is not an alternate spelling of "exploit-free".
    • That sounds great.

      Are you willing to pay the extra money for microchips? Do you think the market is willing to pay the extra money?

      If the answer to either of those questions is NO, then it to be a heavily (government) subsidized effort or you can expect to pay at a lot more for computers than you do now. There's building Fabs here, there's the cost of labor, better environmental enforcement, taxation, etc, etc. That's a lot of setup cost and the companies aren't going to eat it.

      That's not to say there's
      • by boris111 (837756)
        then it to be a heavily (government) subsidized effort

        Maybe it would move into software so I can get paid not to code.
    • by sm62704 (957197)
      Another reason why buying anything not made in the US is a bad idea

      I would posit that it's not where it's made, but who made it. If it's made by a multinational corporation like Sony or Erricson, it's safe for the US military, because the US Government has been bought and paid for by those corporations.

      To the American government, you don't matter. Sony and BP and Shell matter. Sony contributes wads of money to "campaign contributions", all you do is vote for one paid off fool or another.
    • by rickb928 (945187)
      "I'd really like to see intel/amd move operations back to the states just for this reason"

      You mean like this [intel.com] or this [intel.com] or their sites in

      Folsom, CA
      Santa Clara, CA
      Hudson, MA
      Rio Rancho, NM
      Hillsboro, OR
      Dupont, WA
      Irvine, CA
      Fort Collins, CO
      Raleigh, NC
      Parsippany, NJ
      Columbia, SC
      Austin, TX
      Riverton, UT
      Chantilly, VA

      AMD uses Fabs in Germany, which is much friendlier to us than China. Ireland ditto, which has at least one Intel fab, and Israel, whose Intel facility you can thank for the Core Duo revolution and the death o
  • This issue is a main element in Richard Clarke's latest book - Breakpoint. Clarke is the terrorist guru from the late '90s in the Clinton administration ... and the guy the Bush administration chose to ignore. Bottom line is if you let your key silicon + hardware be exclusively built in forgien countries ( i.e. China) you're at risk of hardware level "back doors". Published in '06 - Clarke again signals a warning for the US .....
    • Oh, you mean the guy who had that fixation on some crazy Islamic fundamentalist group attacking on US soil?

      Pffft. Crazy alarmists.

      (note: sarcasm)

    • by sm62704 (957197)
      Clarke is the terrorist guru from the late '90s in the Clinton administration ... and the guy the Bush administration chose to ignore

      Well, look, if he hadn't ignored Clarke then 9-11 might not have happened. 9-11 was not only an Orwellian dream come true for a power-hungry politician, the Afghanistan war got Americans in a war mood which led to Iraq, which further destabilized the region which cause oil prices to skyrocket, which directly affected the coffers of oil men Bush and Cheney.

      And people call Bush
    • I admire the man (Richard Clarke), but have never read his books through and through, I think it's a commentary on these United States when you have to write the truth disguised as fiction to clue people in.
      I have been subject to hardware attacks, twice - suspected firmware and chip crowding techniques, 10 years apart, on Macintoshes. The result was a lot of name calling and personal attacks by people who would not even investigate past their reputations.
      It's a sad commentary.
      This DARPA initiative is a real
  • by stevew (4845) on Thursday May 01, 2008 @09:54AM (#23262628) Journal
    I find this intersting.

    I deal with foreign fab houses on every project. The odd things is that most of the backend software used by these fab houses are sold by American companies (much of which is written in India).

    There is a step in the process where a point tool (one not written by the fab house - but again an American company) is used to re-extract the design out from the polygons that describe the silicon to be fabbed. This is compared to the source gate level design I originally supplied using formal verification methods. This is done by me.

    So I suppose someone could surreptitiously change the gates I'm getting back to hide what is being inserted in there (not an easy thing to do all by itself at this level) There are places where it could be done in the process.

    At the same time - to add additional logic to a design you are not well versed in is REALLY difficult.
    • Diffucult != impossible.

      Many hacks are difficult - until you figure out how to do it. Then, it becomes documented procedure for the black-hats of the world. I.e., all a malicious designer needs to do is figure out exactly how to integrate extra logic into a chip design without getting caught once and they will then be able to do it forever, or at least until the design -> production procedures are changed to close whatever hole he may have found to exploit. Granted, in this case the logic to be added

    • IANACD or from the US. I had to scroll past pages and pages of nationalistic and economic drivel before finding someone who knew what the hell they were talking about.
    • by wfstanle (1188751)

      At the same time - to add additional logic to a design you are not well versed in is REALLY difficult.

      As you said, its real difficult but its not impossible, right? This is a good reason why it is in the national interest to preserve our industries. We need both old industries such as steel making and the new industries such as software writing and chip manufacture. If we get into a war with our primary supplier, is that nation going to sell us what we need to defeat them? Don't get me wrong, I'm really against almost all wars. As the song said "War is only good for the undertaker".

    • by TheLink (130905)
      I am not a chip designer.

      In some cases I don't think they need to add additional logic. They may just need certain stuff to fail when a particular sequence of radio frequencies, or pulses are detected.
  • Ok heres a quick summary for those who dont have the patience to read the 3 pages :

    Portions of a chip design cycle are untrusted - eg. the fab stage because its not DARPA certified etc. A malicious entity could embed small, functionally irrelevant circuits that when activated could disable(kill switch)/give unauthorized access (back door)/reveal chip secrets (reveal crypto secret key). In order to prevent it, DARPA is looking for proposals that will mitigate this, while not requiring exhaustive testing.
  • by Ralph Spoilsport (673134) * on Thursday May 01, 2008 @10:16AM (#23262852) Journal
    USgov: OK Mister smarty pants commie chip maker! PROVE TO ME that YOU"RE NOT putting malware into your chips!

    ChipMaker: Sorry, I can't do that.

    USgov: And WHY NOT???

    ChipMaker: Because it's logically impossible you retarded oaf. You can't prove a negative.

    USGov: But if you DON'T then we will have to TAKE ACTION!

    ChipMaker: Oh, jeez... like what? You bumbling fuckhead!

    USGov: we will STOP BUYING CHIPS from you! We will build them ourselves!

    ChipMaker: Sorry, Wally, but you're not going to get that past your neoliberal internal trade agreements. I can see it now: "USGov goes into Chip Making"... Intel, AMD, and IBM would crack a loaf in their pants and sue. No, you'll have to subcontract to them, and they will have to set up a multijillion dollar fab plant in the USA that is populated by expensive american workers, and suddenly every laptop made for the USGov will be slower and more expensive than any other laptop on the market. Good move, Ace. Lemme know how that works out for ya.

    USGov: buh buh buh WE NEED SECURITY!!!!

    ChipMaker: look, dumbass, we make chips. We don't care what they go in, we don't care what they do, we just make chips. Test them all you want, you're not going to find anything, because we really don't give a shit. Now, if the ultraparanoid wing of your wingnut contingent can't swing with that, tought shit.

    USGov: it would be SO much better if you simply PROVE THAT YOU'RE NOT putting bad things in our chips.

    chipMaker: (sigh). How's this, USGov, just shut the fuck up, and get with the program.

    USGov: But WE HAVE TO PROTECT OUR FREEDOMS!!!!

    ChipMaker: WHEN were your FREEDOMS ever attacked? Some crazy fucking nutjobs from a loosely organised international political crime syndicate flew some planes into your buildings. They didn't attack your freedom, they just wanted you to get your jarheads out of Saudi Arabia. And then you invaded Iraq. "I'd like to know when Iraq attacked your freedoms - I'd like to know what day it was when the Iraqi Invasion Force stormed your beaches and dumped hot lead into your freedoms, because I must been on vacation that day in someplace called REALITY." Your paranoid abuse of logic is THE SAME. And we, the Rest Of The World, are getting sick and fucking tired of your penny ante tirades that end up getting thousands of people killed. So, for the jillionth time: NO, We Can't PROVE that our chips are not full of malware, because you CAN'T PROVE A NEGATIVE. You can test all you want, but you will never be 100% sure, and thusly, you're an idiot for demanding it. Heck - even if you build them yourself, you have no proof, as some employee might etch a wee corner of the chip to cause a computer to make fart noises and blit every other frame to the screen with an image of Jesus butt raping Mohammed, but only on even numbered Tuesdays.

    USGov: BUT WE WANT SECURITY!!! We want to PROTECT OUR FREEDOMS!!!

    ChipMaker: OK, OK, you fucking moron: "I solemnly swear, cross my heart and hope to die, that there is no bad stuff on any of the chips we make. Promise. Now, is that better?"

    USGov: YOU ARE A GREAT ALLY!!! I feel so much more secure now.

    RS

    We have always been at war with Oceania.

    • by ch-chuck (9622)
      Because it's logically impossible you retarded oaf.

      Oh really? [bloomu.edu]

      • wrong.

        from the article linked:

        For one thing, a real, actual law of logic is a negative, namely the law of non-contradiction. This law states that that a proposition cannot be both true and not true. Nothing is both true and false.

        OK: "this statement is wrong."

        Goedel blew that article's line of reasoning out the door 80 years ago.

        RS

        • by ch-chuck (9622)
          GÃdel proved the incompleteness of any sufficiently powerful formal deductive system of logic. Specifically a self referential statement that claims that it is not true. That in itself does not negate the fact that it's not true that you cannot prove a negative!

          The article linked summed it up: You say you cannot prove a negative? Then prove it!

    • by Bugs42 (788576)

      you CAN'T PROVE A NEGATIVE.
      Can you please prove that?
    • by mgblst (80109)
      I don't think that anyone would mind the US government making chips for themselves. You are making a ridiculous argument.

      John
    • by Rich0 (548339)
      Strategically the US is in a bad position when it depends on military/infrastructure supplies from foreign nations.

      Just look at what happened to the USSR [wikipedia.org]. The US should know that when you procure parts from a strategic adversary you open yourself up to these kinds of attacks...
  • by Linker3000 (626634) on Thursday May 01, 2008 @10:22AM (#23262912) Journal
    If:

    10 PRINT "HELLO WORLD"

    Comes out as HERRO WORD

    You're pwned.

  • This project is for improving methods to backdoor telco equipment for data mining. Now, if you'll excuse me, I'm out of tinfoil.
  • by smellsofbikes (890263) on Thursday May 01, 2008 @10:49AM (#23263232) Journal
    I've written about this before. It's all about the design of the IC -- they're tightly integrated designs. The designer works with a design team, who reviews the layout, and sends it off to get fabricated. If what comes back isn't exactly the same as what went out it's going to be *completely* obvious. First off, the most important thing is how large the die is. Nobody can change that without everything downstream breaking -- your wafersort test hardware won't match up with the die (and wafersort is done by test engineers working with the designer, so is done where the designer works). So you can't make a larger die to put extra malicious circuitry in. Secondly, every bit of the die space you have is used. There's never unused silicon because that's wasted money. People will completely relayout a design from a square to a rectangle if that means they can get 10 more chips off a wafer. So you can't sneak malicious circuitry into an existing design.
    And, for that matter, a designer or even an applications engineer can tell, at a glance, if the silicon that came back from the fab is the same as their design. Some of our applications engineers can tell, without a microscope, what another manufacturer's raw silicon does, just by looking at it. (Not everything, obviously, but they can say "this part is logic, this part is a big power FET, there's a bunch of ESD stuff over here...")
    Bottom line: if you have to trust the design, you need to have your designer and your design review team where you can see them. The fabs don't really matter that much.
    • Re: (Score:2, Informative)

      by MobyDisk (75490)
      I respectfully disagree.

      First off, the most important thing is how large the die is.

      Obviously they would not change the die size. If the military orders .25mm bolts and gets .45mm bolts that don't fit, they don't need a security audit to figure that out.

      Secondly, every bit of the die space you have is used.

      There's lots of ways to make space. De-optimize some areas: Remove the carry lookahead logic, shrink the cache. Remove some of the full-complementary logic. Replace fast structures with smaller sub-optimal things like transmission-gate XORs. If the chip has duplicate cache to compensate for manufacturing yield

      • I grant you I'm talking purely about analog power chips, because that's what I know. I'm sure you're right about microcode -- that's probably something that could be changed. But that stuff is really optimized, isn't it? It's not like you can sneak a tcp/ip stack in there so you can do your own communication -- you'd have to go off-chip, for one thing.
        I don't know how big digital chips get tested. I do know that for our chips, we test hundreds of parts and thousands of chips still on the wafer for tens
      • Remove the carry lookahead logic, shrink the cache, etc.

        Even if changes cannot be spotted by examination, they can be caught by Manufacturing and Benchmarking tests that are used to validate each revision. JTAG tests, current consumption tests, functional tests, end to end performance tests, etc. After MFG tests wafers, QA runs its tests on packaged dies, then AEs take a look at it, then the SW and HW design teams use them as part of their development process. Then Customer engineers beat on them before they ever ship anything. Thats a lot of engineers with S

        • by kesuki (321456)
          "It would be far easier to supply your own counterfeit chip with the mods and sneak it into the supply chain."

          Which is exactly what the Chinese ARE doing, and why the DOD is testing suppliers for their ability to detect modifications to chips. they decided that every chip used by the DOD now need to be checked for modifications, so they want whomever is best at finding those modifications to do it.

          It's kinda hard to keep things secure if the Chinese have found a way to smuggle counterfeit chips into the DO
          • Those so-called "counterfeit" chips and boards you are talking about were actually unauthorized builds by contract manufacturers. If they don't work right, it is because they used seconds or substituted cheaper parts( eg lower voltage, temp rated capacitors, etc.) on the PCB. Essentially, the danger would be shipping boards that do not meet spec, the kind of stuff that can happen even without any monkey business involved.

            That has nothing to do with embedding "malware" type features into working chip and h

  • Early Motorola 6809 microprocessors had an "unused" opcode hackers named HCF -- halt and catch fire [wikipedia.org]...

    Then, you have built-in kill switches used to fight satellite TV piracy, like the dreaded DirecTV Black Sunday [securityfocus.com] killer packets that killed unauthorized access cards.

    So this stuff has happened.

    How many Counterfeit Cisco Routers [slashdot.org] have built in exploits or kill switches is another question...

  • I'm one of the people who was interviewed for this article. Several people in my department spent an afternoon talking to the IEEE Spectrum technical writer. Although it didn't really come out in the article, our take on the kill-switch concept was that it was possible but very unlikely.

    Adding a trojan at the hardware level would be incredibly difficult and risky. In the first place, reverse-engineering a design from its GDS files, determining how and where to add hidden circuitry, and then incorporating
    • by onion_joe (625886)

      I'm one of the people who was interviewed for this article. Several people in my department spent an afternoon talking to the IEEE Spectrum technical writer. Although it didn't really come out in the article, our take on the kill-switch concept was that it was possible but very unlikely.

      BUT, the payoff could be tremendous. I'm thinking Cylons here. Mod me funny if you dare, but think of simply the idea that US chips are compromised. The US did it to the USSR, the example that comes to mind is this: htt [msn.com]

  • How do you trigger a kill switch in a microprocessor running an application on top of an OS? Build in an aerial and a radio receiver?? Your tax dollars at work folks - vote for competence!
  • Extra stuff has been placed in chips for years:

    http://smithsonianchips.si.edu/chipfun/graff.htm [si.edu]

    On my favorite design we had nearly 100% coverage on the test vectors, someone said to "marx the uncovered nets" so we named them Groucho, Chico and Harpo in the netlist.
  • I think people are missing the real point here.

    DARPA is obviously seeing if they can do it. The end goal is probably to get chips manufactured for the rest of the world that the US Govt can disable at will -- something like GPS Selective Availability [wikipedia.org].

  • by currivan (654314) on Thursday May 01, 2008 @02:07PM (#23266032)
    If they think this approach is valuable to an enemy, what do you suppose the chances are that they aren't doing it themselves, but by pressuring the companies rather than surreptitiously inserting circuitry at the fab?

    In the microprocessor case, suppose they added a bit of logic to look for a particular data sequence, and if found, switch to system management mode or ring 0 and execute whatever follows. Then they could take over any machine simply by sending it a data packet. Presumably there would be some code signing to prevent anyone else from exploiting the backdoor.

    Intel, Cisco, et al are involved in the Critical Infrastructure Protection program and undoubtedly have other high-level contacts with the national security apparatus. It seems obvious that the US is in a better position than anyone else to carry out this type of attack.
  • It seems to me that even if your CPUs were "pwnd" they would still have to use the network to relay information. No suspicious network traffic, no problem. Now if your Ciscos were made in China, your in a totally different world of pain.
  • me thinks the government is worried about smelling funny. http://mobile.slashdot.org/article.pl?sid=08/05/01/129230 [slashdot.org]

Sentient plasmoids are a gas.

Working...