hilbert42 · 3 years ago
Nearly 20 years ago I was attacked on forums for suggesting such treats were even a possibility. What surprised me was the vehemence of the attack - that is I had a damn hide and temerity to even suggest the notion was possible.

What they didn't realize was that several years earlier, as a part of my work, I'd been given the job of investigating if backdoors had been installed on certain critical hardware.

Yes, it's palpable and it's been so for a long time; unfortunately I'm not at liberty to be more specific.

Don't be fooled by the deafening silence from hardware types. Knowledge of existing treats and the current 'security' climate/milieu, along with basic common sense, ought to suggest this problem is already with us and will be increasingly so in the near future.

LinuxBender · 3 years ago
> Nearly 20 years ago I was attacked on forums for suggesting such treats were even a possibility.

I think you are describing cult behavior. I've seen managers do this to protect questionable deals they made with dodgy vendors.

For what it's worth, I've seen some of this in action on firewalls that shall not be named. They assumed incorrectly that we would not see the devices trying to phone home on the management cards and by home I mean a sanctioned country. This was in the hardware and not the firewall OS. I have also met a team responsible for managing the backdoor on the management boards that also shall not be named. Their backdoor was said to be for access by their support team when customers locked themselves out.

All the other backdoors I've seen were either in the OS or vendor packages. Some vendors get really nervous when their clients gain root access to their appliances and start poking around.

R0b0t1 · 3 years ago
I think it's more likely it was astroturf/COINTELPRO related.
jart · 3 years ago
It's worrying to see multiple folks talking about how they've seen hardware exploitation yet aren't allowed to talk about it. It'd suggest insecurity is something they're not allowed to address and forced to accept, which is worse than being hacked. What makes hardware weaknesses so troubling is how close software lets untrusted code get to the metal, with things like JIT, GPUs and wasm. Mix that with ad exchanges that let anyone bid to run code on your computer, and I wonder why the world hasn't imploded yet.
adrian_b · 3 years ago
In the first few decades of the electronics industry, every device was provided with huge amounts of information in its datasheets and databooks.

That allowed an electronics engineer to make detailed comparisons between many alternatives before buying any samples, and it also allowed the creation of many designs where the components were used for purposes that were very different from anything imagined by their vendors.

Already after 1990, but especially after 2000, the amount of technical documentation about hardware components that is available freely has dropped dramatically, and now for most of the more complex hardware components it is possible to obtain enough information to make a design only after signing non-disclosure agreements.

This fashion for NDAs has made it very difficult to create really innovative products or new competitors in an existing market.

For a company already established in a market, which only does new versions of old products, obtaining the documentation under NDA is trivial.

On the other hand, for designing an innovative product, obtaining the documentation is very hard.

One reason is that there is a vicious circle: until you have all the documentation, you cannot know which component is suitable for your design, so you cannot commit to buy it, but many companies will not provide the documentation before you can convince them that you are committed to buy large enough quantities of that component.

Even the documentation obtained under NDA is usually much less complete than what could be obtained freely a few decades ago, so not only is it impossible to determine whether the component could be used for any other purpose than that specified by the vendor, but usually the documentation is not complete enough to determine with certainty that even the intended purpose can be accomplished.

Because of that, in most hardware projects a series of tests on prototype boards is absolutely necessary to fill the gaps in the technical documentation provided by the vendor.

So very frequently many designers have to duplicate the work of others in discovering workarounds for the bugs or lower-than-expected performance of various components, because even if they wanted to share their experiences, they are prevented by the NDAs that they have signed.

Unfortunately, not being allowed to talk about various technical facts, without any good reason to forbid this, has become a pervasive policy.

hilbert42 · 3 years ago
> It's worrying to see multiple folks talking about how they've seen hardware exploitation yet aren't allowed to talk about it.

You're correct, it is worrying, but sometimes it's inevitable. Moreover, it's worse when governments get involved.

In my case I've signed documents that strictly limit me from being explicit.

autoexec · 3 years ago
wasm was always going to be a security nightmare. I can't imagine how that was seen as a good idea. At this point I don't let JS run by default at all, but most people won't bother doing that and they're just going to be screwed.
kloch · 3 years ago
About 12 years ago I had several (big ISP) routers that were punting all ESP packets to the routing engine for forwarding, instead of the normal path of using ASICs on the line cards. This was noticed because I had some customers with a lot of IPsec traffic and there is very little capacity to forward packets using the CPU on the routing engine, so packets were being dropped.

When I opened a case with the hardware vendor and described the problem they immediately and tersely asked for a shipping address and how many cards I wanted to replace. They didn't even check for support contracts, which was unheard of especially for an expensive part like this.

These routers were purchased on the grey market so I always assumed there was some kind of (botched?) tampering with the hardware and the vendor was at least aware of it.

px43 · 3 years ago
Lots of PoCs have been built over the years, but so far they've almost all been fun academic stunts, and not actually useful for real world scenarios.

We live in an unprecedented era of understanding when it comes to technologies used by criminals, law enforcement, and every major intelligence agency on the planet, and none of them use chip backdoors, because they just aren't needed. Nearly every attack scenario you can imagine is better served by exploiting existing bugs, or parts of the software supply chain. Software based attacks scale better, and are easier to deny later.

The closest we have to chip backdoors in practice is likely the hardware supply chain tampering for North Korea's missile program, which supposedly serves up the slightly off spec chips that cause their missiles to fail spectacularly every time they try and show them off. It makes no sense to have active backdoors like that in consumer electronics when there are so many more useful and easier to exploit bugs in existing devices.

hilbert42 · 3 years ago
> ...and none of them use chip backdoors, because they just aren't needed.

Despite my earlier comments, I think your point is essentially correct - at least it's so when it comes to what we normally consider as criminal behavior. However, that's not necessarily the case when it comes to manufacturers and/or state actors who have the power to force manufacturers to secretly install backdoors into chips.

Take the case of Huawei and the ban certain countries have placed on telco carriers using its telecommunications equipment. I'm not privy to the reasons as to why certain governments have banned Huawei, but one doesn't have to be Einstein to read between the lines: it would be almost impossible to check every chip in imported Huawei switches, and even if it were practicably feasible (which is doubtful), any such checking would make the normally-competitive Huawei considerably more expensive for telcos to install than if they were to purchase from its competitors.

Huawei is and has been on a solid push to develop its own technologies, to quote Wiki "Meanwhile, it was reverse-engineering imported switches and investing heavily in research and development to manufacture its own technologies". With the support, authority and might of the Chinese Government it's not hard to imagine that a chip with a backdoor could be implanted in such equipment. Moreover, this may not happen immediately but rather some years later after an innocuous maintenance fix long after all the original brouhaha had died down.

peyton · 3 years ago
> none of them use chip backdoors

We’re talking about GDSII files passed around on USB sticks in Chinese factories. Of course there’s blackbox IP on some chips in the wild.

blooalien · 3 years ago
> "Nearly 20 years ago I was attacked on forums for suggesting such threats were even a possibility. What surprised me was the vehemence of the attack - that is I had a damn hide and temerity to even suggest the notion was possible."

Welcome to the club… I've been ridiculed my entire life for warnings and suggestions that decades later have all played out exactly as predicted. I've long since given up on humanity. We're just another doomed species that hasn't realized it yet.

29083011397778 · 3 years ago
My favourite part of this is watching what RMS has to say, watching it come to pass, and, finally, watching others dismiss his newer concerns. People may not like him as a person, and that's neither here nor there. What's depressing is the continued sleepwalking (by society at large, and geeky sub-groups in particular) into a dystopian future where the OEM has all the power.
hilbert42 · 3 years ago
"I've long since given up on humanity."

I must admit the strange and seemingly irrational behavior of many—and that includes some governments—during the COVID pandemic has radically altered my perception of humanity. My views are now much less sanguine and much more angst-ridden.

Moreover, humanity now seems more hyped and irrational than it once was. During the Cold War, MAD by some 'miracle' kept the world safe; if exactly the same situation prevailed today, I much doubt that it would.

The reasons? ...Well that's for another time.

midislack · 3 years ago
There's clearly a long-running operation to pooh-pooh such accusations.
empyrrhicist · 3 years ago
And with everything demanding to be online all the time, and cellular hardware becoming cheaper, and the software side being some combination of insecure/malicious in our surveillance capitalism dystopia... it's yet another aspect of modern life that is too uncomfortable to think about, and about which it's easy to feel powerless.

Throw it on the pile with the various environmental apocalypses and global resurgence of authoritarianism.

hilbert42 · 3 years ago
> ... it's yet another aspect of modern life that is too uncomfortable to think about, and about which it's easy to feel powerless.

Very true, and I often do.

What I find so troubling is why more people don't complain more often; we need sufficient complainers to reach critical mass, and so often that's not the case. Take another such matter - the unreasonableness and unfairness of current international copyright law. It is this way and will likely remain so for a long time simply because, as Cory Doctorow, who regularly writes on such matters, says, 'the whingers and complainers are far too few in number to make any difference; they're just irrelevant noise in the political debate' [note: that's my phraseology of his actual quote]. The fact is the average person couldn't give a damn about copyright law.

Same goes for many other important issues, especially surveillance capitalism! Yes, here many are aware of the fact and they actually care about it, but in the yin and yang battle of surveillance capitalism, between users' worry that they're under surveillance and the 'good feelings' generated by Google's and Facebook's 'free' apps, every time those apps win out by miles!

Correct, these surveillance capitalism bastards use their sophisticated knowledge of human psychology to ensure that the balance is always in their favor. (Remember, this is an age-old trick, the emperor Vespasian built the Colosseum to distract the minds of Roman citizens from local troubles.)

Tragically, our governments have done precious little to correct the problem - and again much of that can be put down to the millions of dollars Big Tech spends on lobbying governments. We citizens are seemingly always on the losing end when big money is involved.

...But as an individual you can do something about it. Your efforts may be small and they might only benefit you but they're not nought. Only yesterday in reply to the HN story Making Quieter Technology I wrote a badly-written long-winded reply† to show how one could tackle the problem of surveillance capitalism: https://news.ycombinator.com/context?id=32383493. Bad it may be but my efforts count for something more than just zero.

> ...the pile with the various environmental apocalypses and global resurgence of authoritarianism.

Can't agree more. For me, the resurgence of authoritarianism is the more important of the two, for without citizen autonomy we've little or no control over environmental apocalypses let alone the many other existing worldwide problems; in effect authoritarianism neuters us.

Depressing yes, but every little tweak helps (especially so if everyone's doing it).

D:< & >:(

__

† Yes, my reply was long because it included specific actions but it was not long enough to do a good job, a blog would have been a better approach. Unfortunately, as good as 'HN comments' is, it isn't an ideal place to do this.

hilbert42 · 3 years ago
Typo - for 'treats' read 'threats'. ;-)
upofadown · 3 years ago
> What they didn't realize was that several years earlier, as a part of my work, I'd been given the job of investigating if backdoors had been installed on certain critical hardware.

So did you find anything?

hilbert42 · 3 years ago
See reply to jart.
badrabbit · 3 years ago
People like that still exist. The type of people that say shit like "well if that happens we have a much bigger problem". They should never be involved in any security related discussion.
R0b0t1 · 3 years ago
> unfortunately I'm not at liberty to be more specific.

Gun to the head change your mind?

hilbert42 · 3 years ago
The info is dated now, but unfortunately NDAs don't expire.

LeonTheremin · 3 years ago
Eric Schmidt, the former Google chairman, told Reuters in a recent interview that high-end processors should have kill-switches.

“Knowing where the chips go is probably a very good thing. You could for example, on every chip put in essentially a public private key pair, which authenticates it and allows it to work”.

https://www.reuters.com/technology/chip-challenge-keeping-we...

What he won’t tell is that this is already a reality, as I learned after having my air-gapped system and Pixel phone wiped remotely for doing academic research on wireless “silent speech interfaces”.

Anyone doing research in this area should be cautious of sabotage when using US-designed CPUs (AMD/INTEL/QUALCOMM/APPLE/ARM), as the microcode, SMM and firmware of your system may be manipulated to mess up your computations. Ask your own Nation to stop trusting Silicon Valley and make your own silicon supply chain and tech services.

picture · 3 years ago
Remotely wiping an air-gapped system and a Pixel phone are some astonishing feats. Could you tell us some more details about that, especially why you may suspect it to be caused by malicious sabotage by some state level adversary? How did you air gap your air-gapped system?
pyinstallwoes · 3 years ago
Silent speech interfaces, as in "The Voice of God weapon?"

https://www.forbes.com/sites/davidhambling/2021/07/06/ufos-p...

LeonTheremin · 3 years ago
More like: Towards Contactless Silent Speech Recognition Based on Detection of Active and Visible Articulators Using IR-UWB Radar

Scientific paper about using infrared imaging (the rays can reach under the skin) to detect silent speech/inner speech.

Replicating this and using it to show people their inner speech can be stolen would bring awareness to possible surveillance.

https://pubmed.ncbi.nlm.nih.gov/27801867/

teddyh · 3 years ago
The capitalization of the word “Nation” is a worrying sign.
LeonTheremin · 3 years ago
On-screen keyboard auto-complete suggests capitalized words after they are used capitalized for titles.
thfuran · 3 years ago
Why?
nonrandomstring · 3 years ago
E-waste is greatly exacerbated by low level backdoors. Gear cannot be repurposed if you cannot trust the hardware or embedded firmware. A skip full of Cisco routers [1] was sitting outside an organisation once, and I asked about their fate. "Can't you just wipe the OS and install something open source?", I asked. "Would you trust the hardware?" they replied.

Unbelievably, Cisco are still in business and actually produce educational cyber-security materials.

[1] https://www.schneier.com/blog/archives/2018/08/backdoors_in_...

1MachineElf · 3 years ago
"Would you trust the hardware?" is a typical attitude towards End-Of-Life equipment that is more susceptible to failure due to age, e.g. in organizational IT refresh cycles.

Was there any further indication that the comment was about a backdoor-type vulnerability?

silent_speech · 3 years ago
"It's not technically hard to make a device that complies with the FCC that listens to nonpublic bands but then is quietly waiting for some activation trigger to listen to other bands," said Eduardo Rojas, who leads the radio spectrum lab at Embry-Riddle Aeronautical University in Florida. "Technically, it's feasible."

To prove a device had clandestine capabilities, Rojas said, would require technical experts to strip down a device "to the semi-conductor level" and "reverse engineer the design." But, he said, it can be done.

https://edition.cnn.com/2022/07/23/politics/fbi-investigatio...

EdSharkey · 3 years ago
I don't like the idea that nation states and cooperative corporations can practically shut down anyone and everything should the need arise.
salawat · 3 years ago
You don't like that the government colludes with captains of industry to improve its national security posture, utilizing coercive methods and appealing to baser instincts through guarantees of quid-pro-quo-tier mutual preservation?

Oof. Well. All's fair and all that. That's just how the game is played. Hate the game. Not the player.

Seriously though, this type of thing has kept me up at night for years.

withinboredom · 3 years ago
Reminds me of some young adult book (written by Tom Clancy IIRC) where the main informant had backdoored the generic mouse drivers and had access to most computers around the world or something. It’s been over 15? years since I read them. I don’t remember the name. Net force?