Tuesday, May 29, 2012

Sah-weet: Computer Hardware Made In China Includes Anti-Global Warming Features Plus Backdoors for Chinese Military, But Mostly Backdoors for Chinese Military

Rejected backup headline: "Say, I've got an idea: let's buy more crap from China!"

If this doesn't make you leery of every single piece of hardware made in the PRC, I don't know what will:

Backdoor Found in Chinese-Made Military Silicon Chips

We all knew this was possible, but researchers have found the exploit in the wild:

"Claims were made by the intelligence agencies around the world, from MI5, NSA and IARPA, that silicon chips could be infected. We developed breakthrough silicon chip scanning technology to investigate these claims. We chose an American military chip that is highly secure with sophisticated encryption standard, manufactured in China. Our aim was to perform advanced code breaking and to see if there were any unexpected features on the chip. We scanned the silicon chip in an affordable time and found a previously unknown backdoor inserted by the manufacturer. This backdoor has a key, which we were able to extract. If you use this key you can disable the chip or reprogram it at will, even if locked by the user with their own key. This particular chip is prevalent in many systems from weapons, nuclear power plants to public transport. In other words, this backdoor access could be turned into an advanced Stuxnet weapon to attack potentially millions of systems. The scale and range of possible attacks has huge implications for National Security and public infrastructure."

...The chip in question was designed in the U.S. by a U.S. company, but manufactured in China.

Anything (and I do mean anything) manufactured in the PRC could well have some very special -- and undocumented -- functionality courtesy of the PLA (People's Liberation Army).

I am hopeful that most sophisticated buyers were already aware of this possibility.


Hat tip: badblue.com/tech.

4 comments:

Trialdog said...

What does this have to do with gay marriage?

Whitehall said...

In nuclear power plants, we don't have any safety-related microprocessors. But a "backdoor" could be used to terminate electric production.

I wonder if this scanning technique could check FPGAs (field programmable gate areas)? Those are increasingly used for nuclear applications and are seemingly not corruptable from external communications.

Anonymous said...

Some time back NASA found backdoors in their Lenovo laptops.

Anonymous said...

I found a back door on my house. Should I burn it down? You know...for national security reasons?