DARPA Sponsors a Hunt For Malware In Microchips

Phurge links to an IEEE Spectrum story on an interesting DARPA project with some scary implications about just what it is we don't know about what chips are doing under the surface. It's a difficult problem to find invasive or otherwise malicious capabilities built into a CPU; this project's goal is to see whether vendors can find such hardware-level spyware in chips like those used in military hardware. Phurge excerpts: "Recognizing this enormous vulnerability, the DOD recently launched its most ambitious program yet to verify the integrity of the electronics that will underpin future additions to its arsenal. ... In January, the Trust program started its prequalifying rounds by sending to three contractors four identical versions of a chip that contained unspecified malicious circuitry. The teams have until the end of this month to ferret out as many of the devious insertions as they can."

Well, the teams may as well quit now...

[imyy4u2]

I already found the hidden "porn" circuitry.

logically impossible

[Ralph Spoilsport]

USgov: OK Mister smarty pants commie chip maker! PROVE TO ME that YOU"RE NOT putting malware into your chips!

ChipMaker: Sorry, I can't do that.

USgov: And WHY NOT???

ChipMaker: Because it's logically impossible you retarded oaf. You can't prove a negative.

USGov: But if you DON'T then we will have to TAKE ACTION!

ChipMaker: Oh, jeez... like what? You bumbling fuckhead!

USGov: we will STOP BUYING CHIPS from you! We will build them ourselves!

ChipMaker: Sorry, Wally, but you're not going to get that past your neoliberal internal trade agreements. I can see it now: "USGov goes into Chip Making"... Intel, AMD, and IBM would crack a loaf in their pants and sue. No, you'll have to subcontract to them, and they will have to set up a multijillion dollar fab plant in the USA that is populated by expensive american workers, and suddenly every laptop made for the USGov will be slower and more expensive than any other laptop on the market. Good move, Ace. Lemme know how that works out for ya.

USGov: buh buh buh WE NEED SECURITY!!!!

ChipMaker: look, dumbass, we make chips. We don't care what they go in, we don't care what they do, we just make chips. Test them all you want, you're not going to find anything, because we really don't give a shit. Now, if the ultraparanoid wing of your wingnut contingent can't swing with that, tought shit.

USGov: it would be SO much better if you simply PROVE THAT YOU'RE NOT putting bad things in our chips.

chipMaker: (sigh). How's this, USGov, just shut the fuck up, and get with the program.

USGov: But WE HAVE TO PROTECT OUR FREEDOMS!!!!

ChipMaker: WHEN were your FREEDOMS ever attacked? Some crazy fucking nutjobs from a loosely organised international political crime syndicate flew some planes into your buildings. They didn't attack your freedom, they just wanted you to get your jarheads out of Saudi Arabia. And then you invaded Iraq. "I'd like to know when Iraq attacked your freedoms - I'd like to know what day it was when the Iraqi Invasion Force stormed your beaches and dumped hot lead into your freedoms, because I must been on vacation that day in someplace called REALITY." Your paranoid abuse of logic is THE SAME. And we, the Rest Of The World, are getting sick and fucking tired of your penny ante tirades that end up getting thousands of people killed. So, for the jillionth time: NO, We Can't PROVE that our chips are not full of malware, because you CAN'T PROVE A NEGATIVE. You can test all you want, but you will never be 100% sure, and thusly, you're an idiot for demanding it. Heck - even if you build them yourself, you have no proof, as some employee might etch a wee corner of the chip to cause a computer to make fart noises and blit every other frame to the screen with an image of Jesus butt raping Mohammed, but only on even numbered Tuesdays.

USGov: BUT WE WANT SECURITY!!! We want to PROTECT OUR FREEDOMS!!!

ChipMaker: OK, OK, you fucking moron: "I solemnly swear, cross my heart and hope to die, that there is no bad stuff on any of the chips we make. Promise. Now, is that better?"

USGov: YOU ARE A GREAT ALLY!!! I feel so much more secure now.

RS

We have always been at war with Oceania.

Quick and simple test..

[Linker3000]

If:

10 PRINT "HELLO WORLD"

Comes out as HERRO WORD

You're pwned.

Re:All about China

[megaditto]

Well, at least we had a good run for the last 50 years.

It amazes me sometimes how clueless a lot of Americans are WRT how fortunate/lucky we have been lately.

Re:Response to Minot AFB nukes incident ...

[geekboy642]

So I was reading one of your links with interest, seeing as it's been a long time since I got into a really juicy conspiracy theory. Those internet vandals keep debunking the good ones! And I came across this:

As they watched in shock and awe, randomly typed letters scrolled across a screen. The words were gibberish.

The sender "left breadcrumbs," Hank related. The deliberately attached ISP (Internet Service Provider) pointed to China.

This was bad enough. But what really freaked out the officers was the realization that none of these "stand alone" machines was online. None of them contained a modem!

So, first there's an "ISP" attached, and then there's no modem. It gets better.

How did the PLA hack supposedly secure air force computers lacking network modems? Just like as select power companies can now pipe the Internet to home computers through electrical power lines, the Chinese were able to play on SAC's supposedly secure computers through the AC power cables connecting them to the national power... "grid".

Okay. The PRC has invented the fantastic ability to first, hack into the U.S. national power grid from China and modulate a signal onto the power line. Then they somehow direct this signal unerringly into one of the U.S. government's most secure facilities, with filtered power, constant battery backup, and their own generators for extra backup. Then this super-powered signal hacks its way through the power supply unit (how? I haven't the slightest clue. Genius!) and gets into the CPU. And with all that fantastic power, what does China do? They type "gibberish."