Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security The Military United States Technology Hardware

DARPA Sponsors a Hunt For Malware In Microchips 106

Posted by timothy from the double-barreled-microscope-loaded-for-vermin dept.
Phurge links to an IEEE Spectrum story on an interesting DARPA project with some scary implications about just what it is we don't know about what chips are doing under the surface. It's a difficult problem to find invasive or otherwise malicious capabilities built into a CPU; this project's goal is to see whether vendors can find such hardware-level spyware in chips like those used in military hardware. Phurge excerpts: "Recognizing this enormous vulnerability, the DOD recently launched its most ambitious program yet to verify the integrity of the electronics that will underpin future additions to its arsenal. ... In January, the Trust program started its prequalifying rounds by sending to three contractors four identical versions of a chip that contained unspecified malicious circuitry. The teams have until the end of this month to ferret out as many of the devious insertions as they can."
This discussion has been archived. No new comments can be posted.

DARPA Sponsors a Hunt For Malware In Microchips More

DARPA Sponsors a Hunt For Malware In Microchips

Comments Filter:

  • All about China (Score:5, Insightful)

    by elrous0 ( 869638 ) * on Thursday May 01, 2008 @09:25AM (#23262300)
    It cracks me up how the U.S. government is always taking ludicrous steps to "protect national security," fighting off hacker attacks with billions of dollars in specialized firewalls and security, using NSA backdoors into windows, etc. And all the while they're lecturing us on all these heavy-handed precautions, they're doing EVERYTHING, classified and not, on computers built largely of Taiwanese and Chinese manufactured chips and motherboards.

    Looks like someone finally clued these geniuses of national security in on the obvious Archilles' heel in their web of protection.

    I just hope our clueless protectors have at least had the common sense to slip in some spys at that new big "Fab 68" [forbes.com] Intel plant they're building in China.

  • Re:Speaking from a military perspective (Score:4, Insightful)

    by Applekid ( 993327 ) on Thursday May 01, 2008 @09:33AM (#23262406)
    Although I do agree from a military perspective the less reliance on others is probably for the best, "Made in the USA" is not an alternate spelling of "exploit-free".

  • Re:All about China (Score:3, Insightful)

    by elrous0 ( 869638 ) * on Thursday May 01, 2008 @09:54AM (#23262626)
    Not only that, but what if China ever decided to embargo us? It would (for a time at least) cripple most of our tech industry.

  • Presumably they're doing it themselves (Score:3, Insightful)

    by currivan ( 654314 ) on Thursday May 01, 2008 @02:07PM (#23266032)
    If they think this approach is valuable to an enemy, what do you suppose the chances are that they aren't doing it themselves, but by pressuring the companies rather than surreptitiously inserting circuitry at the fab?

    In the microprocessor case, suppose they added a bit of logic to look for a particular data sequence, and if found, switch to system management mode or ring 0 and execute whatever follows. Then they could take over any machine simply by sending it a data packet. Presumably there would be some code signing to prevent anyone else from exploiting the backdoor.

    Intel, Cisco, et al are involved in the Critical Infrastructure Protection program and undoubtedly have other high-level contacts with the national security apparatus. It seems obvious that the US is in a better position than anyone else to carry out this type of attack.

Slashdot Top Deals

The Tao is like a glob pattern: used but never used up. It is like the extern void: filled with infinite possibilities.

Close