Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Security backdoor found in China-made US military chip
Information Age ^ | May 28, 2012 | staff

Posted on 05/28/2012 7:52:40 PM PDT by Pelham

Cambridge University researchers find that a microprocessor used by the US military but made in China contains secret remote access capability

A microchip used by the US military and manufactured in China contains a secret "backdoor" that means it can be shut off or reprogrammed without the user knowing, according to researchers at Cambridge University's Computing Laboratory.

The unnamed chip, which the researchers claim is widely used in military and industrial applications, is "wide open to intellectual property theft, fraud and reverse engineering of the design to allow the introduction of a backdoor or Trojan", they said.

The discovery was made during testing of a new technique to extract the encryption key from chips, developed by Cambridge spin-off Quo Vadis Labs.

The "bug" is in the actual chip itself, rather than the firmware installed on the devices that use it. This means there is no way to fix it than to replace the chip altogether.

"The discovery of a backdoor in a military grade chip raises some serious questions about hardware assurance in the semiconductor industry," wrote Cambridge University researcher Sergei Skorobogatov and Quo Vadis Labs research Christopher Woods in a draft paper.

"It also raises some searching questions about the integrity of manufacturers making claims about [the] security of their products without independent testing."


TOPICS: Business/Economy; Computers/Internet; Conspiracy; Military/Veterans
KEYWORDS: china; computerchip; military; threatmatrix; trojan
Navigation: use the links below to view more comments.
first previous 1-2021-4041-51 last
To: Pelham

This could be good for U.S.-based chip manufacturers.

Oh, they make most of their chips overseas due to cheap labor, looser environmental regulations and lower taxes.

And even in their U.S. chip operations they employ foreign H1B visa workers.

Darn that military industrial complex! /sarc


41 posted on 05/29/2012 12:45:27 AM PDT by anymouse (God didn't write this sitcom we call life, he's just the critic.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pelham

A close reading of this article leads me to believe they are talking about a common micro-controller chip here. These chips power things like cell phones, microwave ovens, anti-lock brake systems...and most everything else these days.

They speak of a weakness in the chips encryption. I believe they are saying the code-protection feature is weak. When you program a controller chip and wish to protect your work you set a hardware flag that makes it impossible to read out the firmware by normal means.

There are companies that will open the chip and break the protection by physical means. But this story is about the manufacturer leaving in an easier way to get at the protected code.

from the article
“the chip in question is widely used in military and industrial applications. The “backdoor” means it is “wide open to intellectual property theft, fraud and reverse engineering of the design to allow the introduction of a backdoor or Trojan”, they said”

This statement is what leads me to believe they are speaking of a weak code-protection system on the chip.
This does not mean the chip can be re-programmed remotely. That ability is added by what is known as bootloader code in the chip. They don’t mention any such thing here.

Nearly all controller chips can be erased even if the code-protect flag is set. Then you can re-program the chip with new code. You could pay to have the protection of one chip physically defeated and get a copy of the firmware. Then you could simply erase the flash memory on any number of identical chips and re-program with code that has the original functionality and whatever added features you wish.(even bootloader code)

What I am saying is it would only be a little bit tougher to get at the firmware on a properly protected controller and then modify that firmware for nefarious purposes. The code-protect feature is merely a speedbump...that is all.

IMO some of the hardware geeks at this company just wanted a way to peek at whatever code these chips were ever programmed with...nothing more.

This is probably a licensed ARM variant of some type.


42 posted on 05/29/2012 1:39:53 AM PDT by Bobalu (It is not obama we are fighting, it is the media.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Bobalu

Bookmark


43 posted on 05/29/2012 2:09:04 AM PDT by publius911 (Formerly Publius 6961, formerly jennsdad)
[ Post Reply | Private Reply | To 42 | View Replies]

To: Pelham

Appears as though our creditors are securing their collateral.


44 posted on 05/29/2012 2:52:08 AM PDT by mo (If you understand, no explanation is needed. If you don't understand, no explanation is possible.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pelham

bttt


45 posted on 05/29/2012 3:54:57 AM PDT by DaveTesla (You can fool some of the people some of the time......)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pelham
I'll bet, or I have to hope, that our government discovered the backdoor years ago and quietly replaced these chips on our military equipment - and the Goldman Sachs mainframes - in order to give the Chinese a surprise when they tried to shut everything down.

Of course We the Peasants are xcrewed if you're one of those rare people who use a personal computer or keep money in a non-TBTF bank or use electricity from a grid controlled by a computer.

46 posted on 05/29/2012 5:52:43 AM PDT by Sirius Lee (When we cease to be good we'll cease to be great. Be for Goode.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sirius Lee

This is old news.

Lots of work has been done to check the artwork for these kinds of things.

BTW, this kind if cuts both ways.

The Chinese copy everything :-)


47 posted on 01/06/2014 2:09:38 PM PST by rdcbn
[ Post Reply | Private Reply | To 46 | View Replies]

To: Pelham

Why would they use a “backdoor” when we’ve pretty much invited them in the front?


48 posted on 01/06/2014 2:13:30 PM PST by Tijeras_Slim
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pelham; COUNTrecount; Nowhere Man; FightThePower!; C. Edmund Wright; jacob allen; Travis McGee; ...

Nut-job Conspiracy Theory Ping!

To get onto The Nut-job Conspiracy Theory Ping List you must threaten to report me to the Mods if I don't add you to the list...

49 posted on 01/06/2014 2:32:13 PM PST by null and void (It is as if they all had one head. Too bad they donÂ’t all have one neck.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Pelham
Does anyone remember CryptoAG?

Not only does the U.S. government do the same thing, but they've been caught doing it as well. I simply do not understand how the military could accept for delivery anything with a CPU from china. That would include an amazing amount of stuff these days. Hell, my coffee roaster has a computer in it.

50 posted on 01/06/2014 2:50:55 PM PST by zeugma (Is it evil of me to teach my bird to say "here kitty, kitty"?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: madison10
This administration has the intelligence of an amoeba. That’s ONE amoeba.

The administration doesn't buy the chips. They buy the items that the manufacturer put the chip in. The ire should be directed to the defense industry that puts profits before security.

51 posted on 01/06/2014 2:55:57 PM PST by DoodleDawg
[ Post Reply | Private Reply | To 5 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-51 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson