[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Snowden and Compilers

2014-02-16 4:03 GMT+01:00 <[email protected]>:

> So, to get down to brass tacks: If I can get to the chip mask pre
> lithography, how many gates do I need?  A thousand for a kill switch
> and three thousand for a connection?

You can also manipulate other parts of the machine. With features present
in vPro all that's needed is a "buffer overflow" hidden "bug" that allows
remote control. The "bug" might even be hidden in non-spec gates or code
flashed into it later.

Bottom line: no defense when you use vPro capable Intel chipsets.

This is a massive problem for me as someone who'd like to produce a secure
system. If the NSA can remote enable vPro anytime they like, what am I
going to do at any other level? There's plenty of tricks you can pull to
make it seem they didn't use vPro, as vPro usage is pretty much
undetectable. Think manipulation of random number generation making it seem
they have some unknown random number generator attack, when in fact they
just manipulated it.

So large is our current closed source trouble.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20140216/179d3244/attachment.html>