General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsExpert Says NSA Have Backdoors Built Into Intel And AMD Processors
CHRISTOPHER JOYE AND PAUL SMITH
One of Silicon Valleys most respected technology experts, Steve Blank, says he would be surprised if the US National Security Agency was not embedding back doors inside chips produced by Intel and AMD, two of the worlds largest semiconductor firms, giving them the possibility to access and control machines.
...
The claims come after The Australian Financial Review revealed that computers made by Chinese firm Lenovo are banned from the secret and top secret networks of the intelligence and defence services of Australia, the US, Britain, Canada and New Zealand because of concerns they are vulnerable to being hacked.
If correct, the allegations would raise the stakes in a growing cyber cold war, and fuel claims that US snooping leaves the Chinese in the shade.
http://www.afr.com/p/technology/intel_chips_could_be_nsa_key_to_ymrhS1HS1633gCWKt5tFtI
Another expert, Jonathan Brossard, who works in the field of Penetration Testing says he has demonstrated proof of this concept and proved what is almost an undetectable and incurable back door. He did so at last years black hat conference and has arrived at the same conclusion as Steve Blank. This is all made possible by the fact Intel and AMD can update the microcode on the small reprogrammable part of the CPU which gets updated every time a Microsoft update is installed. Thus the NSA can theoretically be part of this microcode and could be involved in exploiting it since they work so closely with Microsoft and other technology companies.
http://www.eteknix.com/expert-says-nsa-have-backdoors-built-into-intel-and-amd-processors/
This means that encryption is meaningless. They have pre-encryption access to everything.
The hits just keep on coming.
PowerToThePeople
(9,610 posts)There is a concern. But, if you are that concerned, there are hardware and software choices you can make to avoid the potentials you are bringing up.
AgingAmerican
(12,958 posts)Don't use Intel or AMD chips and DONT use Microsoft, Apple or Google products.
Agschmid
(28,749 posts)AgingAmerican
(12,958 posts)Just got a laptop for my daughter for her 20th birthday. It had Windows 8 on it. She dinked around with it for about an hour (took her ten minutes to figure out how to close an Internet Explorer window...etc.). She gave up and asked me to install linux on it. Put Mint on it. She had used it on my netbook, so she was somewhat used to it. No complaints from her. She says it does everything she needs it to do.
Problem solved.
Th1onein
(8,514 posts)intaglio
(8,170 posts)A hardware back door would be vulnerable to analysis and use by any country that manufactures such chips. Software back doors have been alleged ever since Windows 1 back in the 1980s and also shown to be nitrogenous fertilizer
"Black hat" hackers or attendees at the conference of the same name would have been all over such a back doors like maggots on a corpse. What is more do you honestly think that China (or Japanese businesses) would let that pass?
Edit to add, there is (or was) a back door into the random number generators of ATMs and fruit machines but not the CPU - hence ATM hacks.
longship
(40,416 posts)Technology isn't magic. And there are many people who know this stuff. But people still want to make shit up like this. Oh! Apple and Microsoft have backdoors to the NSA government spying networks!!!
Meanwhile there are projects like Linux which is open and available for anybody to see, review, contribute to. If there were hardware back doors to the processor chips, those dudes would know about it and it would be common knowledge.
This is nothing but tin foil hat bullshit.
napoleon_in_rags
(3,991 posts)Okay, first software back doors, in the code. Every time a critical security update or patch comes out for an OS, its because a back door or security hole (often times accidental in origin) has been found. So there are constant flaws being discovered, backdoors are the art of intentional flaws that are unlikely to be found.
Now as far as hardware back doors, that's utterly invisible. No on in OSS community could see them, because they lay inside microscopic chipsets, not in the source code. They could lie dormant for years, but be activated by processing instructions for render a jpg with certain qualities, (for instance) and inject stored code to be run.
longship
(40,416 posts)What code is activated on my Linux boxes?
You speak rubbish. Utter rubbish.
PowerToThePeople
(9,610 posts)also something from Stallman:
http://techrights.org/2013/07/29/echelon-prism/
joshcryer
(62,276 posts)Not so much Microsoft.
PowerToThePeople
(9,610 posts)I think on most, you have to specifically install it.
http://packages.ubuntu.com/source/precise/intel-microcode
I may have AMD micro-code on one of my boxes. I will have to check it out.
joshcryer
(62,276 posts)It ain't easy being free (as in freedom)...
AgingAmerican
(12,958 posts)NT
napoleon_in_rags
(3,991 posts)Its inside the hardware:
Apparently, the ban stems from concerns that Lenovo, which is partially owned by the Chinese governments Academy of Sciences, has built malicious circuits into their machines.
...
One possible use for a chip of that kind would be to make a Kill Switch, to remotely shut down a computer at will, or to establish back doors for even more nuanced infiltration.
None of this need have anything to do with code. A certain series of unique steps a processor could execute would trigger the shutdown for instance, and its hard wired in.
Waiting For Everyman
(9,385 posts)...
Since 2000, Intel has put out 29 microcode updates to their processors. The microcode is distributed by 1) Intel or by 2) Microsoft integrated into a BIOS or 3) as part of a Windows update. Unfortunately, the microcode update format is undocumented and the code is encrypted. This allows Intel to make sure that 3rd parties cant make unauthorized add-ons to their chips. But it also means that no one can look inside to understand the microcode, which makes it is impossible to know whether anyone is loading a backdoor into your computer.
The Dog That Never Barked
The NSA has been incredibly thorough in nailing down every possible way to tap into communications. Yet the one companys name that hasnt come up as part of the surveillance network is Intel. Perhaps they are the only good guys in the entire Orwellian mess.Slide07
Or perhaps the NSA, working with Intel and/or Microsoft, have wittingly have put backdoors in the microcode updates. A backdoor is is a way of gaining illegal remote access to a computer by getting around the normal security built-in to the computer. Typically someone trying to sneak malicious software on to a computer would try to install a rootkit (software that tries to conceal the malicious code.) A rootkit tries to hide itself and its code, but security conscious sites can discover rootkits by tools that check kernel code and data for changes.
But what if you could use the configuration and state of microprocessor hardware in order to hide? Youd be invisible to all rootkit detection techniques that checks the operating system. Or what if you can make the microprocessor random number generator (the basis of encryption) not so random for a particular machine? (The NSAs biggest coup was inserting backdoors in crypto equipment the Swiss sold to other countries.)
Rather than risk getting caught messing with everyones updates, my bet is that the NSA has compromised the microcode update signing keys giving the NSA the ability to selectively target specific computers. (Your operating system ensures security of updates by checking downloaded update packages against the signing key.) The NSA then can send out backdoors disguised as a Windows update for security. (Ironic but possible.)
That means you dont need backdoors baked in the hardware, dont need Intels buy-in, dont have discoverable rootkits, and you can target specific systems without impacting the public at large.
Two Can Play the Game
A few months ago these kind of discussions would have been theory at best, if not paranoia. Slide09The Prism disclosures prove otherwise the National Security Agency has decided it needs the ability to capture all communications in all forms. Getting inside of a target computer and weakening its encryption or having access to the plaintext of encrypted communication seems likely. Given the technical sophistication of the other parts of their surveillance net, the surprise would be if they havent implemented a microcode backdoor.
The downside is that 1) backdoors can be hijacked by others with even worse intent. So if NSA has a microcode backdoor who else is using it? and 2) What other pieces of our infrastructure, (routers, smartphones, military computers, satellites, etc) use processors with uploadable microcode?
And that may be why the Russian president is now using a typewriter rather than a personal computer.
http://steveblank.com/2013/07/15/your-computer-may-already-be-hacked-nsa-inside/
joshcryer
(62,276 posts)Several ways:
1) If Intel is in on it, then you'd have to compare CPU operation of CPUs whose microcode is updated and who has its microcode off. You should be able to reverse engineer what the microcode is doing by running an instruction set test suite. This would at least tell you what is broken and what it is intending to fix. If you find something broken you can write your own software side work arounds, which while they won't be microcode level, at least then you have a working CPU, without having to have a signed microcode.
2) If Intel isn't in on it then you can check the microcode at boot time against the microcode that Intel provides, if there's a mismatch, then you're looking at microcode that may be compromised (and that would indicate that someone other than Intel has the 2048-bit RSA key, which would be a hell of a lawsuit right there).
Waiting For Everyman
(9,385 posts)Affecting anything from military weapons, to infrastructure like damns, to phones...
Breakthrough silicon scanning discovers backdoor in military chip
http://www.csmonitor.com/USA/2012/0607/Report-Hackers-could-access-US-weapons-systems-through-vulnerable-chip
Apparently it's a recent research discovery from Cambridge, UK.
Something tells me the NSA should've been minding its own business better, instead of snooping on the innocent public. It also might've been smart not to outsource our weapons components.
joshcryer
(62,276 posts)From your linked article:
You don't have an AES key back door during development.
Indeed, the paper even says this:
Waiting For Everyman
(9,385 posts)Even I didn't believe that one.
joshcryer
(62,276 posts)It only gets applied as the OS boots. This is an OS compromise, not a hardware compromise.
leveymg
(36,418 posts)Th1onein
(8,514 posts)DeSwiss
(27,137 posts)~V for Vendetta
cantbeserious
(13,039 posts)eom
bemildred
(90,061 posts)joshcryer
(62,276 posts)It is a boot level rewrite of how the CPU works (typically to fix bugs in the CPUs design). On Linux microcode is applied with modprobe, which will search and see if the Linux Kernal requires a microcode update for a faulty processor.
bemildred
(90,061 posts)joshcryer
(62,276 posts)bemildred
(90,061 posts)joshcryer
(62,276 posts)Microsoft does not have the RSA keys to get the CPU to verify and apply the patch. Or they shouldn't, anyway. (Compare vendor microcode to MS microcode, see if they match, if not, then something is afoot.)
bemildred
(90,061 posts)An opportunity for other CPU vendors.
bemildred
(90,061 posts)And to various other things as well.
There are two cases here:
1.) Linux machines do not automatically do this: we have the status quo.
2.) Linux machines do this too: Linux will migrate to other CPUs. Microcode will get much more scrutiny.
joshcryer
(62,276 posts)It is disconcerting that we don't have an open solution.
The CPU vendors don't want anyone to have the keys for several reasons.
1) The grenade idea you mentioned, if a CPU vendors keys were in the wild, a nefarious group could put in the very kind of backdoor mentioned in the OP, trojans, viruses, who knows.
2) The vendors use microcode to actually artificially hide the fact that many CPUs are all from the same line, and their specs are not what they seem, so an end user may pay for a $150 CPU that has the same capabilities as a $500 CPU. The vendors cannot have the end user figuring that out because they want to keep the impression of yield issues and quality issues and such.
I myself have an unlocked Phenom II X4 that I bought as a AMD Athlon II X3. Turns out that AMD was churning out a huge mess of Athlon II X3s whose cores were artificially disabled, the yields were basically too good to be true and they had to meet demand for the X3 line.
bemildred
(90,061 posts)If you use a 3rd-party card, disable the onboard ethernet, you could be inaccessible.
But if it's happening automatically that the CPU microcode is getting tweaked, that's a big deal. That's a hole to drive a truck through. The CPU vendors could sell software upgrades. We could have 3rd-party CPU upgrades. I'm trying to think of upstart CPU vendors I can invest in.
But in all cases, I think you would have to build it yourself to prevent this, as it stands. Once the microcode is there, it's there.
whttevrr
(2,345 posts)Thanks guys...
Now I do need a tinfoil hat... WTF!?
microcode...
Does anyone know how I can make my own micro processor?
Uhm... it would be bad to wrap my motherboard in tinfoil, right?
bemildred
(90,061 posts)We are more discussing consequences in the commercial, open-source, and hacker worlds. You focus all that loose mental energy on something like this, things start to happen, and I would say that energy is about to get focussed. This is red meat to a hacker.
joshcryer
(62,276 posts)Closest thing you can get for now until we have open CPUs and open hardware and whatnot.
bemildred
(90,061 posts)And the sources for a dozen old browsers.
But I've got nothing worth hiding from the government, so they can sneak in and look if they want, I suppose. I would feel flattered.
Xithras
(16,191 posts)Could a microcode hack be used to log a users activities on their computers? Theoretically yes, but CPU microcode has little to no access to other hardware on your machine, so it can't do much with it (or hold much of it). Really pulling this off would require that your computer either be specifically engineered for spying (so that every relevant chip was hacked to work together), or that a second hack be put in place at the OS level to collect the data from the CPU and store or forward it. Computers aren't magic, and it would take a massive amount of engineering to build a secondary data collection network inside of your computer purely at the hardware level, and it's entirely detectable if it's built at a software level.
And here's why you don't have to worry about it unless you're either a mobster or a foreign diplomat...there is no way they could implement this on a universal scale without detection. Possibility #1 would require the close cooperation of every engineer at every major computer manufacturer. Given the massive number of people we're talking about, and the fact that most of the boardmakers are overseas and have no particular allegiance to the United States, it's laughable to assume that universal backdooring could be pulled off without that information leaking. A far more probable scenario is this: A foreign diplomat, terrorist, or mobster orders a laptop from HP. The NSA intercepts the order and works closely with HP to send them back a "special" version with the backdoors built in just for them. That is ENTIRELY plausible, and it's the only practical way that particular backdoor could be pulled off.
Possibility #2 has a greater chance of being implemented on a global scale because, as the article points out, it could theoretically be implemented in an update patch, an otherwise benign installer, or through a staggering number of other vectors (and, to be clear, on ANY OS...this isn't a Windows thing, and it could just as easily be located in a gedit patch as in a Windows Update). But again, I doubt that they could get away with it...and you can thank hackers (of both the white and black hat variety) for that. Here's why: No matter how effectively they exploit your computer, the collected data still needs to be transmitted some way. Both the white and black hats are constantly on the hunt for new ways to exploit computers and networks, and network traffic/packets from Windows machines are one of the most closely scrutinized things out there. People examine them to locate private data, hijack networks, steal wifi, locate new exploits to gain machine access, etc. If unidentified new packets started showing up in the datastream, people WOULD notice, and they'd notice within hours of it starting.
So, yes, both of these exploit methods are possible in a lab, and they are even possible when used against specific targets, but the idea that the NSA is spying on all of our computers through microcode hacks is FUD...paranoid tin-hattery timed to take advantage of the very real abuses happening within the NSA.
1-Old-Man
(2,667 posts)No backdoor is necessary. Just look to the origin of the NSA and that should be painfully clear.
MineralMan
(146,317 posts)But that's all. If such a thing exists and has been implemented, it will have been done in a way that can't be easily bypassed or even detected. While a few people are interested in such things and are looking for exploits, for whatever purpose, they may not be looking in the right places to begin with.
But that's not the real issue. The fact is that most PCs and other devices that are connected to the outside world, are used by people who don't understand what's going on inside them in any way. They have Microsoft updating their equipment, or the cell service, or HP or whoever, automatically or they simple accept any update sent their way. The opportunities for trusted vendors to insert stuff into these devices are endless and ubiquitous.
And corporations probably wouldn't cringe at the highest levels at including some government-mandated tweak in an update. In fact, they'd be likely to cooperate if there was any inducement at all, and inducements are many.
Many, many years ago, when I was testing dial-up communications software for the PC for a round-up review of such software for a major magazine, one of the programs I tested was a communications program from Hayes. I was using a "Hayes-compatible" modem in the machine used to test the software. For some reason, it simply would not autodial with the Hayes software. I could send a dialing string manually through the software to force the "Hayes-Compatible" modem to pick up and dial, but the software wouldn't do it. That program was the only modem communications program that wouldn't work perfectly with my modem. Odd, huh, that a communications software program published by a modem manufacturer wouldn't work with compatible modems from another manufacturer.
Well, I was reviewing all of these programs, so I had to figure this out. I was going to write that the Hayes software wouldn't work with some "Hayes-compatible" modems, but I thought I'd dig in further.
Well, it turned out that the software was querying the modem to check whether it was a genuine Hayes modem. I found that out by monitoring the serial port and logging everything that went in and out of that port. Sure enough, I found the query to the modem, which returned a code identifying it. On any "Hayes-compatible" modem that didn't return the right code, the program would not send the correct dialing string to the modem, but sent an erroneous string.
I called Hayes, which denied that they did that query from the software and limited the software in that way. So, I sent them the log of the serial data and said, "Really?" So, they finally admitted doing that. I wrote the review and trashed the software in one of the largest PC-related magazines at the time and explained why non-Hayes brand modem users should not purchase the Hayes software. Hayes complained bitterly to the magazine's publisher and threatened to pull all of their advertising. The publisher asked, "Was anything in the article incorrect?" Of course, there wasn't.
That was the end of that, and Hayes dropped the software after sales dropped dramatically. It was lousy communications software anyhow, but nevermind.
The point here is that companies do all sorts of stuff that users aren't aware of. Nothing would surprise me. So, does the government have a backdoor in your PC, phone, or other device? It could. It could even be silent and not findable unless triggered into going active. It could be completely undetectable until some agency decided to activate it. That wouldn't surprise me at all. And there is literally nothing that can be done by users about such a back door. If it's there, and someone has a reason to activate it, the likelihood that any PC owner would know about it is almost non-existent.
So, what to do? Disconnect the device? Not practical. The answer is to use the device in a way that doesn't attract any attention from some agency that might be able to switch on a silent backdoor. That's the only thing I can think of. Clearly, intelligence agencies, both here and elsewhere, could benefit from a backdoor they could activate on any device, if needed. Since the benefit is there, I assume that they would like to have such a backdoor available. Do they have the power to get such a thing into a device. Probably, and through a corporate partner, most likely.
So, is such a thing inside your device? I don't know. But I'd assume that it is, since it would be desirable by an agency capable of seeing that it was there. That's my assumption, anyhow. But, and here's the important part, I don't really care. The benefit of being connected is critical for me. So, it's an assumption that is really meaningless to me. I'll just count on nobody giving a shit what I'm doing and go on about my activities. I can't think of any other way to proceed.
SlipperySlope
(2,751 posts)I am a computer architect who was formerly employed for one of the "top 5" computer makers in the 1990s. This was the era before the whole computing world practically standardized on Intel processors. Back then the top computer makers each had their own internally designed CPUs, and there were three to four "independent" CPU makers like Intel.
I honestly never heard anything about the government asking us to put back doors into the processors we were building. We would have fought very hard against anything that provided a back door through customer's security, sooner or later things like that get found out and many of our customer's took their security very seriously.
HOWEVER... In the 1990s, while most of what the NSA did was secret, many in the computer industry had strong suspicions about what was going on. The NSA was the single largest purchaser of computers in the world so they weren't a customer who any computer maker wanted to upset. While I don't know that they ever requested a back door, I do know that they requested features be designed into our microprocessors to optimize them for certain mathematical operations; presumably these were mathematical operations that were of particular use in decryption and the NSA wanted them to run as fast as possible.
On a related note; I also knew that the printer makers were approached by multiple governments around the world who were asking for features be put into printers to make it harder to print counterfeit currency and to enable governments to track printed pages back to the printer they came from.
I think I've written before about what a tremendously disruptive technology the general-purpose microcomputer was in the hands of citizens. Governments have spent close to three decades trying to put that genie back into the bottle.