Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Chinese Regime Has Backdoor Access to US Systems
The Epoc Times ^ | 5/26/2012 | Joshua Philipp and Epoc Times Staff

Posted on 06/05/2012 10:06:32 PM PDT by ex-Texan

Alarming report reveals malware in silicon chips

A recent study found that a U.S. military chip manufactured in China—widely used in systems for weapons, nuclear power plants, and public transport—contains a built-in backdoor that allows the Chinese regime access to critical U.S. systems.

“In other words, this backdoor access could be turned into an advanced Stuxnet weapon to attack potentially millions of systems. The scale and range of possible attacks has huge implications for national security and public infrastructure,” writes security researcher Sergei Skorobogatov on his blog. Skorobogatov is from U.K.-based Hardware Security Group at the University of Cambridge, the group that conducted the study.

The Stuxnet weapon he refers to was a piece of malware that was able to physically destroy nuclear centrifuges at an Iranian nuclear plant.

Going off claims from some of the world’s top intelligence agencies—among them MI5, NSA, and IARPA—that computer chips could be preloaded with potentially devastating malware, Hardware Security Group decided to put this to the test.

“We chose an American military chip that is highly secure with sophisticated encryption standard, manufactured in China,” Skorobogatov said. They used a new form of chip scanning technology to “see if there were any unexpected features on the chip.”

“U.K. officials are fearful that China has the capability to shut down businesses, military and critical infrastructure through cyber-attacks and spy equipment embedded in computer and telecommunications equipment,” he said, noting, “There have been many cases of computer hardware having backdoors, Trojans, or other programs to allow an attacker to gain access or transmit confidential data to a third party.”

Their complete findings will be published in September, in a paper called “Breakthrough silicon scanning discovers backdoor in military chip,” which Skorobogatov says “will expose some serious security issues in the devices, which are supposed to be unbreakable.”

The chip scanning technology is still relatively new, and thus, studies such as this are few and far between. Skorobogatov notes that 99 percent of chips are manufactured in China, and the prevalence of such malware is something he and his research group would like to investigate further.

Even so, the issue of the Chinese regime planting malware in exported technology is not unknown.

Back in July 2011, Greg Schaffer, acting deputy undersecretary of the Department of Homeland Security (DHS) National Protection and Programs Directorate, testified before the House Oversight and Government Reform Committee.

After being pressed with questions around this, Schaffer admitted he was “aware of some instances” of foreign-made software and hardware being purposely embedded with malware, The Epoch Times reported.

Rep. Jason Chaffetz (R-Utah) continued pressing Schaffer on this, and after trying to avoid the question or give vague responses several times, Schaffer admitted that he was aware of this happening, and said, “We believe there is significant risk in the area of supply chain.”

“This is one of the most complicated and difficult challenges that we have,” Schaffer said. “There are foreign components in many U.S. manufactured devices.”

Few details have been revealed since. Yet, in April 2011, the Commerce Department sent a survey to U.S. telecommunication companies—including AT&T Inc. and Verizon Communications Inc.—demanding “confidential information about their networks in a hunt for Chinese cyberspying,” Bloomberg reported in November 2011. Built-in Spying

Among the information requested were details on foreign-made hardware and software on company networks, and it asked about any findings of “unauthorized electronic hardware” or anything else suspicious, Bloomberg reported.

There seemed to be a tight lid on this, even then. A senior U.S. official spoke to Bloomberg on anonymity, noting, they report, “The survey represents ‘very high-level’ concern that China and other countries may be using their growing export sectors to develop built-in spying capabilities in U.S. networks…”

This was further exposed a month later by author and freelance writer Robert McGarvey, reporting for Internet Evolution. He was told by Don DeBolt, director of threat research at the New York security-consulting firm Total Defense, that “China has been bugging our computers for a long time,” and “We have seen cases where malware is installed at the BIOS level. Security suites do not detect it.” Computers all have a BIOS (Basic Input/Output System) chip that is sometimes hard-coded, meaning they can only be written once and contain information about the system’s hardware.

And just recently, on April 29, former U.S. counterterrorism czar Richard Clarke, who now runs his own cybersecurity firm, told Smithsonian Magazine that such Chinese malware even exists at the consumer level—in shocking prevalence—stating that everything from silicon chips, to routers, to hardware could be loaded with logic bombs, Trojan horses, and other forms of malware.

“Every major company in the United States has already been penetrated by China,” Clarke told Smithsonian Magazine.

“My greatest fear,” he continued, “is that, rather than having a cyber-Pearl Harbor event, we will instead have this death of a thousand cuts. Where we lose our competitiveness by having all of our research and development stolen by the Chinese.

Related Articles

US Military Gearing Up for Cyberwar

“And we never really see the single event that makes us do something about it. That it’s always just below our pain threshold. That company after company in the United States spends millions, hundreds of millions, in some cases billions of dollars on R&D and that information goes free to China. … After a while you can’t compete,” Clarke concluded.


TOPICS: Crime/Corruption; Extended News; Foreign Affairs; Government
KEYWORDS: china; computers; spying
Well what else is new __ ? Fools with power control everything today, even our top military staff and hundreds of computer systems run by the alphabet agencies

China probably manufactures all weapons and ammunition used by US troops and most of our military airplane parts. The whole world is corrupt and China is getting richer while we are getting poorer. Sad but true

1 posted on 06/05/2012 10:06:47 PM PDT by ex-Texan
[ Post Reply | Private Reply | View Replies]

To: blam; Quix; Alamo-Girl; M. Espinola; whitedog57; stephenjohnbanker; All

*Ping* !


2 posted on 06/05/2012 10:09:04 PM PDT by ex-Texan (Ecclesiastes 5:10 - 20)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ex-Texan

Yeah but their backdoor has on of our backdoors so.......well I wish. What the hell do we expect to happen when our chips are made by COMMMMMMUNNNIST CHINA.!!!


3 posted on 06/05/2012 10:12:15 PM PDT by TomasUSMC ( FIGHT LIKE WW2, FINISH LIKE WW2. FIGHT LIKE NAM, FINISH LIKE NAM)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ex-Texan

Nixon, Kissinger, China, “free trade,” RINOS.

See tag line.


4 posted on 06/05/2012 10:21:25 PM PDT by Carry_Okie (The RINOcrat Party is still in charge. There has never been a conservative American government.)
[ Post Reply | Private Reply | To 1 | View Replies]

Comment #5 Removed by Moderator

To: Carry_Okie

I think most free trade advocates would make the argument that national security should not be farmed out to any foreign bidders, lowest bid or not. Some things are worth paying extra for.


6 posted on 06/05/2012 10:27:57 PM PDT by risen_feenix
[ Post Reply | Private Reply | To 5 | View Replies]

To: ex-Texan

DUH! Stupid is as stupid does.


7 posted on 06/05/2012 10:37:00 PM PDT by Tuketu (The Dim Platform is splinters bound by crazy glue. We need a solvent)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ex-Texan

All the people in positions to do anything about this are either quietly fixing the problem or think themselves immune to the disaster.

We’re lucky to have survived for this long.


8 posted on 06/05/2012 10:37:47 PM PDT by unkus (Silence Is Consent)
[ Post Reply | Private Reply | To 1 | View Replies]

To: risen_feenix

To bad the greedy and stupid CEO’s strip mining our country for short term profits didn’t get the memo. China is strategically cleaning our clocks and the free trade crowd says look I made another 100 million so I must be successful. Profits are not everything and collapsing the economic system to prove this point is going to be painful.


9 posted on 06/05/2012 10:39:05 PM PDT by Gen-X-Dad
[ Post Reply | Private Reply | To 6 | View Replies]

To: risen_feenix
I think most free trade advocates would make the argument that national security should not be farmed out to any foreign bidders, lowest bid or not. Some things are worth paying extra for.

Were the companies importing said products LIABLE for said risks, my bet is that they would not be doing this.

10 posted on 06/05/2012 10:42:23 PM PDT by Carry_Okie (The RINOcrat Party is still in charge. There has never been a conservative American government.)
[ Post Reply | Private Reply | To 6 | View Replies]

To: ex-Texan

Kruschev once said, “We will hang you ... and you will sell us the rope”.

Close. “We’ll hang ourselves and buy the rope from you.”


11 posted on 06/05/2012 10:44:28 PM PDT by Eagles6 (S)
[ Post Reply | Private Reply | To 1 | View Replies]

To: sam_paine

Weren’t you assuring us that this wasn’t happening just 2 weeks ago today?


12 posted on 06/05/2012 10:46:04 PM PDT by null and void (Day 1232 of our ObamaVacation from reality [and what dark chill/is gathering still/before the storm])
[ Post Reply | Private Reply | To 1 | View Replies]

To: Carry_Okie

Normally all security critical systems are kept off the public internet, so there would be no way for a spyware worm to communicate with a back door. However there are tricks like putting the worm on a thumb drive, labeling it porn, and “losing” it in the parking lot of a secure facility.


13 posted on 06/05/2012 10:48:52 PM PDT by HiTech RedNeck (Let me ABOs run loose Lou!)
[ Post Reply | Private Reply | To 10 | View Replies]

To: HiTech RedNeck
Normally all security critical systems are kept off the public internet,

One wonders if these chips can be queried through their power supplies via the power grid. Doubt it, but it would be interesting. If you did the transmission slow enough, the signal to noise might be lower and yet harder to detect.

14 posted on 06/05/2012 11:00:58 PM PDT by Carry_Okie (The RINOcrat Party is still in charge. There has never been a conservative American government.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: ex-Texan

And a foreign state owned telecommunication company is also a primary provider for sensitive US Government communications systems. But it’s okay, that government is mostly friendly to our causes - except when it’s not and actively works against us. That only happens every other year or so, so I guess that is a risk we can take.


15 posted on 06/05/2012 11:01:58 PM PDT by An.American.Expatriate (Here's my strategy on the War against Terrorism: We win, they lose. - with apologies to R.R.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Carry_Okie

Tapping out a signal that way would be troublesome. Computing equipment might sense power sags, but would be oblivious to any signal frequencies riding on the power wires, and would have no way of modulating same. That is, not without purpose built equipment, such as ethernet over power lines. And causing a sag to happen would be instantly seen as a bad, bad bug.


16 posted on 06/05/2012 11:04:04 PM PDT by HiTech RedNeck (Let me ABOs run loose Lou!)
[ Post Reply | Private Reply | To 14 | View Replies]

To: ex-Texan; SandRat; Impy; GOPsterinMA; unkus; cripplecreek; neverdem

Manufacturing American military software in a potentially hostile country just amazes me. Whose dumb idea was this?


17 posted on 06/05/2012 11:05:10 PM PDT by Clintonfatigued (Obama and Company lied, the American economy died)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Clintonfatigued

Whose dumb idea was this?


people who made a lot of money.

May they suffer greatly.


18 posted on 06/05/2012 11:07:33 PM PDT by unkus (Silence Is Consent)
[ Post Reply | Private Reply | To 17 | View Replies]

To: ex-Texan
Well at least we got a great deal on all those Chinese chips!

This is all just part of Slick Willie's legacy of 'free trade' and cheap Walmart junk retailing for less than US companies could make it for wholesale.

It's all about price afterall. If we would have wanted secure EPROM chips within the systems of our military's printed circuit boards, we could have made them here, but WOW, look at the low prices!

Buy now. Pay Later.
19 posted on 06/05/2012 11:09:51 PM PDT by goron (Revelation 13:18)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Clintonfatigued; ex-Texan; SandRat; Impy; unkus; cripplecreek; neverdem

“Whose dumb idea was this?”

Bill Clinton’s?


20 posted on 06/05/2012 11:14:24 PM PDT by GOPsterinMA (We may die, but DISCO LIVES FOREVER!!!)
[ Post Reply | Private Reply | To 17 | View Replies]

To: GOPsterinMA

Clinton was certainly party to it because of the money he received from the Chicoms.


21 posted on 06/05/2012 11:20:47 PM PDT by unkus (Silence Is Consent)
[ Post Reply | Private Reply | To 20 | View Replies]

To: GOPsterinMA
Wall Street/Stockholders. We have to hit those quarterly forecasts, so we have to outsource to the cheapest bidder who happens to be China, our friendly enemy.
22 posted on 06/05/2012 11:21:27 PM PDT by Chgogal (WSJ, Coulter, Kristol, Krauthammer, Rove et al., STFU. Thank you.)
[ Post Reply | Private Reply | To 20 | View Replies]

To: Chgogal

“China, our friendly enemy.”

I love it! So true!!!


23 posted on 06/05/2012 11:25:00 PM PDT by GOPsterinMA (We may die, but DISCO LIVES FOREVER!!!)
[ Post Reply | Private Reply | To 22 | View Replies]

To: unkus

Exactly!!!

Al Gore: “No controlling legal authority”

Traitorous trash!


24 posted on 06/05/2012 11:25:15 PM PDT by GOPsterinMA (We may die, but DISCO LIVES FOREVER!!!)
[ Post Reply | Private Reply | To 21 | View Replies]

To: GOPsterinMA

Al Gore: “No controlling legal authority”

Traitorous trash!


And they CYA and protect each other.

Bastards, all.


25 posted on 06/05/2012 11:30:28 PM PDT by unkus (Silence Is Consent)
[ Post Reply | Private Reply | To 24 | View Replies]

To: GOPsterinMA
Buy now. Pay Later.
26 posted on 06/05/2012 11:43:47 PM PDT by goron (Revelation 13:18)
[ Post Reply | Private Reply | To 20 | View Replies]

To: ex-Texan
China's not the only country tapping out malicious code. Pretty much every country that has access to the Internet is involved at some level.

There are high level, state sponsored efforts that companies and government agencies get Shanghaied by, and rouge, low-level criminal or hacker activities.

I don't consider farming out development of mission critical systems and components to be "stupid". The perps know what's at risk. It's all part of the globalist playbook.

27 posted on 06/06/2012 12:25:04 AM PDT by uncommonsense (Conservatives believe what they see; Liberals see what they believe.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: risen_feenix

“I think most free trade advocates would make the argument that national security should not be farmed out to any foreign bidders, lowest bid or not. Some things are worth paying extra for.”

It is true the military is supposed to source domestically where possible. Unfortunately, huge segments of our industrial infrastructure no longer exist so it is not always possible to domestically source components. The military market is not large enough, even if it pays a premium price, to keep factories for many products running.

One example is the decline of the US textile and apparel business. It is likely the last domestic nylon yarn spinning plant will close within the next five years. With the recent passage of the Korea free trade bill it will be cheaper to import the yarn from Korea than keep the last US factory open.

The consumer “outdoor” industry uses a significant amount of nylon and polyester (tents, packs, clothing, other equipment). Legislation is now being pushed in Congress to eliminate tariffs on import of consumer outdoor products. Once that happens (likely 2013) as both parties are in favor, this source of domestic demand will go away (as will the tariff revenue to the US government for current imports). Say goodbye to domestic production of polyester and nylon yarns. Imagine all of the military products (clothing, parachutes, seating, ropes, body armor, velcro, parts) made from nylon and polyester. Without a consumer demand for domestic products, there will be no manufacturing infrastructure in place to make military products at any price.

Thanks to the loss of domestic manufacturing infrastructure over the past 20 years to Asia, we no longer have the manufacturing capability in place to support a protracted war. If this were 1941, we would be positioned to lose the war as we would not be able to import the raw materials, we would not have the factories in place, and we could not build the factories fast enough.

I’d rather pay $10 more for a domestic tent, $2.00 more for a domestic polyester shirt, or 50 cents more for a domestic plastic bowl than be in a position where this nation’s supply lines would be cut at the beginning of a conflict and the factories would not exist to be converted to war production. In the event of war with China, does anyone believe we will be able to import chips, clothing, tires, and other materials once the war begins?


28 posted on 06/06/2012 3:58:02 AM PDT by Soul of the South
[ Post Reply | Private Reply | To 6 | View Replies]

To: Carry_Okie

None of our vital military components should be made in China.


29 posted on 06/06/2012 6:03:57 AM PDT by Toddsterpatriot (Math is hard. Harder if you're stupid.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: HiTech RedNeck
Tapping out a signal that way would be troublesome.

I have a degree in signal processing. It's been a long time, but, having seen switches capable of sensing distinctions at -60dB, well, I have no idea any more what these guys can do now, so I asked. It would take a trigger string or spread spectrum key, but with so many devices that's not likely. The liability would be that once known, it could easily be canceled. The problem for the listener would be detecting and untangling the multiple identifiers amid so much noise.

My point in asking the question was to point out how unlikely it is that if the Chinese are that motivated to penetrate our systems, then we just should never buy the stuff. It can't be that much cheaper and what with the requirements of Mil-Spec documentation, they probably cheat on that too. Not that I think all that paperwork accomplishes diddly, but it is unfair to the domestic supplier. The benefit to us of having our auditors on the ground there was clearly illusory.

30 posted on 06/06/2012 6:05:41 AM PDT by Carry_Okie (The RINOcrat Party is still in charge. There has never been a conservative American government.)
[ Post Reply | Private Reply | To 16 | View Replies]

To: Toddsterpatriot
None of our vital military components should be made in China.

How about all those laptops Toddster??? Those get "vital" too, depending upon where they are used. This economy would come to a stand-still if they Chinks (and in this instance, pun intended, because that is what they are installing in our equipment) had so much as a "get lost, permanently" destruct mechanism.

You guys just don't think about possibilities very well when the prospect of an extra $.03 per part is waved in front of your nose.

31 posted on 06/06/2012 6:11:29 AM PDT by Carry_Okie (The RINOcrat Party is still in charge. There has never been a conservative American government.)
[ Post Reply | Private Reply | To 29 | View Replies]

To: Carry_Okie
How about those laptops?

I don't save $.03 per part.

You must be confused.

32 posted on 06/06/2012 6:16:30 AM PDT by Toddsterpatriot (Math is hard. Harder if you're stupid.)
[ Post Reply | Private Reply | To 31 | View Replies]

To: ex-Texan

“Skorobogatov notes that 99 percent of chips are manufactured in China”

Um, no. Not even close. Maybe .99%, but that seems a bit too high to me. Quite a bit too high, actually.


33 posted on 06/06/2012 6:43:20 AM PDT by green iguana
[ Post Reply | Private Reply | To 1 | View Replies]

To: Toddsterpatriot

None are. Taiwan is a different story, but China? No.


34 posted on 06/06/2012 6:57:01 AM PDT by green iguana
[ Post Reply | Private Reply | To 29 | View Replies]

To: unkus; goron

Filthy, dripping, oozing whores - all of the Rats!!!


35 posted on 06/06/2012 7:30:44 AM PDT by GOPsterinMA (We may die, but DISCO LIVES FOREVER!!!)
[ Post Reply | Private Reply | To 25 | View Replies]

To: Toddsterpatriot
I don't save $.03 per part.

Apple, Acer, and others do. That's how those parts get here. Or do you know crap about manufacturing?

You must be confused.

Culpable denial is confusion in the eye of the beholder.

36 posted on 06/06/2012 7:32:17 AM PDT by Carry_Okie (The RINOcrat Party is still in charge. There has never been a conservative American government.)
[ Post Reply | Private Reply | To 32 | View Replies]

To: null and void; ex-Texan; TomasUSMC; Carry_Okie; risen_feenix; Tuketu; unkus; Gen-X-Dad; Eagles6; ...
null&void: Weren’t you assuring us that this wasn’t happening just 2 weeks ago today?

No. It was exactly ONE week ago. Thanks for the ping to another anthill, tho. =)

The question is: does anyone really want to know that the author of the study in question (Sergei Skorobogatov) specifically said that what he found in an FPGA programming method had nothing to do with the Chinese?

Does anyone here really care about the real potential for espionage from Norks, Russians, and Chinese that can so easily be done via USA fabs and design houses?

Does anyone here care that these stories are being ginned and purposefully conflated with the instances of counterfeiting done in every country of origin with nothing to do with software/networking espionage like Stuxnet (which was also not Chinese)? Does anyone care that these stories are fanned by Richard Clarke and Carl Levin to push their establishment agendas, and distracts from the numerous "legitimate" ways to infiltrate US military systems.

IOW, these guys are interested in directing attention away from their buds in the existing sloppy military procurement bureaucracy, away from the wide-open real threats to espionage in San Jose, California, for example, and on to those bastard freetradecommies that everybody hates. Did Clarke mention he has a book out for sale?

Fake Chinese Parts 'Found In US Planes'

05/30/2012 12:54:31 PM PDT · 176 of 177
sam_paine to Justa; jrestrepo; NVDave
So now we all agree! Like I was saying...

    BI: Could you respond to this Errata post ("Bogus story: no Chinese backdoor in military chip") specifically?

    [Sergei Skorobogatov] 1) We have made no reference to any Chinese involvement in either of the released papers or any reference to espionage. Therefore we don't agree with Robert Graham's assertion that we suggest Chinese involvement. So we have no idea why people have linked the Chinese to this as it did not come from us.

    [Sergei Skorobogatov] 2) As far as we are concerned the back door was implemented by the manufacturers at the design stage and we suggest that in the papers.

That is from your "rebuttal" link, Justy.

Ok? So now we can all agree that the article of the original thread is about fraudulently copied functional equivalents, and not Chinese espionage like Sergei Impliedalotovstov says he's not alluding to. And we can agree that your rebuttal's author Sergei found a method to read out Actel's FPGA programming....which would allow certain data to be read if you could clip wires onto that physical system.

Wooptiedoo! Anyone who has ever fired up an evaluation board with a microcontroller or FPGA from Actel or Xilinx has known this for decades.

I've already mentioned upthread a more glaring, public, non-hidden problem with FPGAs which have the ability to be programmed via serial links and networks. So yeah, those systems could be vulnerable to cyberattacks from Korea or Russia or Israel or China. But that is coming from insecure design and development of the intended, advertised product MADE IN THE USA. Not Chinese "backdoors" in resistors!

But Sergei Wrotealotovrot did a smart thing by fanning the espionage flames. Otherwise his "expose" of an obvious internal exploit for a particular US design would've gotten ho-hum interest from anyone who knew anything about JTAG programming of FPGAs. BTW, you realize that the engineers who implemented that JTAG logic function have a design spec internally, and they have a Verilog or VHDL description of it, and tested it internally. Anyone who worked on that project knows everything Sergei Didalotovnada learned, and was not under any kind of military clearance, and might not have even had a non-disclosure agreement with respect to emailing it to a colleague, customer, student or chinese spy!

176 of 177
37 posted on 06/06/2012 7:43:58 AM PDT by sam_paine (X .................................)
[ Post Reply | Private Reply | To 12 | View Replies]

To: ex-Texan

Globalism is a suicide pact among the elitists. Citizens of the world - US politicans and private industry - could care less if the US is burried or not and they are making the suicidal decisions for the “their people” of the globe on global trade. All degrees of treason can be and are being rationalized.


38 posted on 06/06/2012 8:45:57 AM PDT by SaraJohnson
[ Post Reply | Private Reply | To 1 | View Replies]

To: sam_paine
Thanks for your prompt and excellent reply. I missed last weeks anthill, I found a similar one I was involved with on the 23rd.

To the degree that Chinese manufacturers robotically use our layouts and mask sets there is little danger of them using our designed in back doors.

Unfortunately we train a LOT of Chinese engineering students in our universities, and SOME of them are PLA officers, and SOME of them are quite capable of reverse engineering our designs to insert any back doors the Chinese government desires.

The rules of threat assessment call for identifying what an enemy is capable of doing, not necessarily what they are actually doing.

They are capable of inserting a dormant shut down code in every microprocessor they manufacture, some of those chips might work their ways into critical systems. Most will end up sprinkled throughout our electronic infrastructure.

How much havoc would ensue if say, 10% of our gas pumps, heart monitors TV stations and home shopping computers all died in the same hour is an exercise left to the reader...

39 posted on 06/06/2012 9:41:05 AM PDT by null and void (Day 1233 of our ObamaVacation from reality [and what dark chill/is gathering still/before the storm])
[ Post Reply | Private Reply | To 37 | View Replies]

To: null and void
They are capable of inserting a dormant shut down code in every microprocessor they manufacture, some of those chips might work their ways into critical systems. Most will end up sprinkled throughout our electronic infrastructure.

Of course that's correct....but....it's sooo much easier and more effective to "insert a test mode" via a commie sympathizer sellout round-eye in San Jose or Austin!

I'm sure you recognize that it's exceedingly hard and dangerous to slap in some hard logic into a mask and have it not only work, but not screw up other functionality or test vectors, risking discovery.

It's far easier to feed it in at the top of the food chain in HDL as a "test register" right out "in the open." Except "in the open" might be well documented on Page 1,442 of the design datasheet, which is an internal Intel or Freescale document that nobody in Federal Procurement will ever see, much less read.

40 posted on 06/06/2012 10:20:15 AM PDT by sam_paine (X .................................)
[ Post Reply | Private Reply | To 39 | View Replies]

To: sam_paine
Exactly, except the "round-eye" might well be a Chinese engineer who came here on a PLA sponsored student visa.

The saying here in Silicon Valley is:

Half the Chinese here are spying on us.
The other half are spying on them!

41 posted on 06/06/2012 10:51:10 AM PDT by null and void (Day 1233 of our ObamaVacation from reality [and what dark chill/is gathering still/before the storm])
[ Post Reply | Private Reply | To 40 | View Replies]

To: Carry_Okie

From the typical trash that is a utilities power line waveform, computer power supplies are already expected to produce a silky smooth DC at various levels and currents. Switching supplies are all the rage today. Now if a switching supply producer were in cahoots with a CPU producer and spyware designer, so as to selectively let “noise” in and out, there could be an interesting interaction. The switching supply would need a few smarts to be able to know when and what to pass through. It would take more than the dumb discrete designs of the present.


42 posted on 06/06/2012 12:17:42 PM PDT by HiTech RedNeck (Let me ABOs run loose Lou!)
[ Post Reply | Private Reply | To 30 | View Replies]

To: Carry_Okie
I don't save $.03 per part.

Apple, Acer, and others do.

Perhaps you should whine at them then, instead of at me?

Or do you know crap about manufacturing?

Whiner says what?

43 posted on 06/06/2012 1:08:07 PM PDT by Toddsterpatriot (Math is hard. Harder if you're stupid.)
[ Post Reply | Private Reply | To 36 | View Replies]

To: sam_paine
"Does anyone here really care about the real potential for espionage from Norks, Russians, and Chinese that can so easily be done via USA fabs and design houses?"

I can only speak for me - Yes, and assume others care based on what I read in comments on FR, like this from "null and void":

The rules of threat assessment call for identifying what an enemy is capable of doing, not necessarily what they are actually doing.

I like that quote a lot - given almost 30 years of high-end global industry experience (see note 1 below).

Based on your comments, I believe we're in agreement on the risk assessment facts from known design and engineering practices. We don't need to invent complicated engineering scenarios in order to be concerned about what's already installed across America and the globe that controls core elements of every day life.

The WashedUp Times pointed out some of the recently published studies on PLC vulnerabilities:

Project Basecamp at S4

"Project Basecamp had six great researchers looking for vulnerabilities in six different PLC’s / field devices, and the PLC’s took a beating. There were backdoors, weak credential storage, ability to change ladder logic and firmware, command line interface, overflows galore, TFTP for important files and so much more."

Cyber search engine Shodan exposes industrial control systems to new risks

Researchers found that one machine made by General Electric, the D-20, uses the same microprocessor installed in Apple computers two decades ago. The company that made its operating software stopped updating it in 1999. It is often shipped to customers with no meaningful security.“Security is disabled by default,” the manual says. “To log in, enter any name; you do not need a password.”

In a statement to The Washington Post, General Electric said: “The D-20 was designed for deployment in a layered security environment, in which asset owners and operators employ a range of measures to prevent, detect and respond to intrusions. GE actively works with our customers to design and support those security measures.”

The company added that the software for the machine “is designed to be secure and includes a layer of password-protection, which can be activated if the customer chooses to do so.

Other machines had flaws that enabled the researchers to take control through electronic back doors.

In January, Digital Bond said the results were “a bloodbath, mostly.”

Most of the guys were able to hack their controllers in a single day,” said K. Reid Wightman, a Digital Bond security researcher and former Pentagon cyberwarrior. “It’s just too easy. If we can do it, imagine what a well-funded foreign power could do.”

(1) My first professional job was in semiconductor manufacturing, not as an EE, but I designed their first distributed systems with desktops and "file servers" delivering integrated data from big iron global systems. And I pioneered some of the first commercial Software as a Service products. This was way before there were any books available on how to build, sell, run, scale, and support such products.

44 posted on 06/06/2012 5:08:14 PM PDT by uncommonsense (Conservatives believe what they see; Liberals see what they believe.)
[ Post Reply | Private Reply | To 37 | View Replies]

Comment #45 Removed by Moderator

To: GOPsterinMA; Clintonfatigued

Clinton, the reason W Bush was the best President since Reagan even though W Bush stunk.


46 posted on 06/06/2012 11:45:28 PM PDT by Impy (Don't call me red.)
[ Post Reply | Private Reply | To 20 | View Replies]

To: ex-Texan

Is the Russian mob still after you?


47 posted on 06/07/2012 5:16:25 AM PDT by Toddsterpatriot (Math is hard. Harder if you're stupid.)
[ Post Reply | Private Reply | To 45 | View Replies]

To: ex-Texan
Linking a video by the Loose Change truther?

You should be ashamed.

48 posted on 06/07/2012 5:34:41 AM PDT by Toddsterpatriot (Math is hard. Harder if you're stupid.)
[ Post Reply | Private Reply | To 45 | View Replies]

Comment #49 Removed by Moderator

To: Impy; All

Amen to that!


50 posted on 06/07/2012 9:00:27 PM PDT by GOPsterinMA (We may die, but DISCO LIVES FOREVER!!!)
[ Post Reply | Private Reply | To 46 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson