[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Snowden and Compilers



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/11/2014 02:17 PM, Troy Benjegerdes wrote:
> All the 'NDA'/proprietary/confidential information that goes with
> chip designs provide plenty of cover to insert backdoors.

We have already seen that they do not have to subvert the designs if
they can intercept components and replace them with boobytrapped look-
and work-alikes.

> But your USB chip, graphics card, hard drive, or two factor
> authentication token, on the other hand...

Firmware bootkits are also potential vectors.  Why go to the trouble
of backdooring the hardware when you can go after the firmware blobs
that few bother to reverse engineer anyway?

- -- 
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F  DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

"We could be readin' a book." --Huey, _The Boondocks_

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlL6xw4ACgkQO9j/K4B7F8GIggCfeTxAEk7xL/rGAP1XYS119CL3
RsMAoJbDUeUoLtthNEt/eIhE9Blq7Aa2
=8uwz
-----END PGP SIGNATURE-----