Search Mailing List Archives
[liberationtech] Boundless Informant: the NSA's secret tool to track global surveillance data
rsk at gsp.org
Tue Jun 11 04:23:02 PDT 2013
On Mon, Jun 10, 2013 at 01:48:23PM -0700, x z wrote:
> @Rich, those are good movie scripts :-). But it does not work for 9 firms,
> and hundreds of execs all with diverse values and objectives.
"hundreds"? Not necessary. Not desirable, from the NSA's point of view,
either. One person per firm would suffice, and they need not be an executive.
Surely you can't think for a moment that the NSA is incapable of placing
its own people on the datacenter staff of any major operation?
Second, how's this for a movie script?
> Annnnd I'd also, by the way, develop custom lookalike hardware. (With
> the NSA's budget, this could be done with chump change.) Who's going to
> open up a Cisco router and yank a board and look at it closely enough
> to figure out that it didn't come from Cisco?
Now quoting this (h/t to Rob Slade):
This paper is a short summary of the first real world detection
of a backdoor in a military grade FPGA. Using an innovative
patented technique we were able to detect and analyse in the
first documented case of its kind, a backdoor inserted into the
Actel/Microsemi ProASIC3 chips. The backdoor was found to exist
on the silicon itself, it was not present in any firmware loaded
onto the chip. Using Pipeline Emission Analysis (PEA), a
technique pioneered by our sponsor, we were able to extract
the secret key to activate the backdoor. This way an attacker
can disable all the security on the chip, reprogram crypto and
access keys, modify low-level silicon features, access unencrypted
configuration bitstream or permanently damage the device. Clearly
this means the device is wide open to intellectual property theft,
fraud, re-programming as well as reverse engineering of the design
which allows the introduction of a new backdoor or Trojan. Most
concerning, it is not possible to patch the backdoor in chips
already deployed, meaning those using this family of chips have
to accept the fact it can be easily compromised or it will have
to be physically replaced after a redesign of the silicon itself.
More information about the liberationtech