[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cryptography] evidence for threat modelling -- street-sold hardware has been compromised

----- Forwarded message from ianG <[email protected]> -----

Date: Tue, 30 Jul 2013 14:07:44 +0300
From: ianG <[email protected]>
To: Crypto discussion list <[email protected]>
Subject: [cryptography] evidence for threat modelling -- street-sold hardware has been compromised
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130620 Thunderbird/17.0.7

It might be important to get this into the record for threat
modelling.  The suggestion that normally-purchased hardware has been
compromised by the bogeyman is often poo-pooed, and paying attention
to this is often thought to be too black-helicopterish to be serious.
E.g., recent discussions on the possibility of perversion of on-chip

This doesn't tell us how big the threat is, but it does raise it to
the level of 'evidenced'.


Computers manufactured by the worldâ??s biggest personal computer maker,
Lenovo, have been banned from the â??secretâ?? and â??â??top secretâ?? ­networks
of the intelligence and defence services of Australia, the US,
Britain, Canada, and New Zealand, because of concerns they are
vulnerable to being hacked.

Multiple intelligence and defence sources in Britain and Australia
confirmed there is a written ban on computers made by the Chinese
company being used in â??classifiedâ?? networks.

The ban was introduced in the mid-2000s after intensive laboratory
testing of its equipment allegedly documented â??back-doorâ?? hardware and
â??firmwareâ?? vulnerabilities in Lenovo chips.

cryptography mailing list
[email protected]

----- End forwarded message -----
Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5