An expert's assessement:
https://www.schneier.com/blog/archives/2013/09/surreptitiously.html

And here is the original study:
http://people.umass.edu/gbecker/BeckerChes13.pdf

German source that had me finding it:
http://www.spiegel.de/netzwelt/gadgets/verschluesselung-forscher-beschreiben-methode-fuer-hintertueren-in-chips-a-922853.html

Shouldn't the thread title be "Hypothetical hardware trojans possibly messing with chip production if you believe the conspiracy theory"?

shouldn't reason dictate to assume the NSA does what is possible as long as it has not been proven that it has not? Its not as if the revelations of the past weeks and months have just been a conspiracy fantasy.

Its technically possible, and the NSA has approached all major softwrae companies including Microsoft, Google, Yahoo, Apple etc. in order to get access codes to encryption coding and security protocoles. Even more, US laws make cooperation of companies with the NSA mandatory and legally binding, if it demands it.

shouldn't reason dictate to assume the NSA does what is possible as long as it has not been proven that it has not?

No. Reason dictates that you consider possibilities as possible, not certain. And yes, the revelations of the past few months show us that the NSA has been up to all sorts of things - but they also show that they aren't particularly good at keeping such things quiet.

An expert's assessement:
https://www.schneier.com/blog/archives/2013/09/surreptitiously.html

And here is the original study:
http://people.umass.edu/gbecker/BeckerChes13.pdf

German source that had me finding it:
http://www.spiegel.de/netzwelt/gadgets/verschluesselung-forscher-beschreiben-methode-fuer-hintertueren-in-chips-a-922853.html

No comment.:D:sunny:

Interesting article. It wouldn't be hard to hide special circuits in the chip. :hmmm:

Interesting article. It wouldn't be hard to hide special circuits in the chip. :hmmm:

So your party to it ya wee bugga :hmmm:

So your party to it ya wee bugga :hmmm:

Not at my pay grade.

No. Reason dictates that you consider possibilities as possible, not certain. And yes, the revelations of the past few months show us that the NSA has been up to all sorts of things - but they also show that they aren't particularly good at keeping such things quiet.

A long record speak against the suspect'S reputation, and so I see probability for him to play foul once again as much higher than just 50%, where as you ignorte the record and insist on a probability assessment of 50:50 : completely unknown, or random. I disagree, and I refuse to ignore what we already know about the suspect already.

Things like what Der Spiegel summarises, that you manipulate the entropy levels in certain randomization functions of the chip, are no difficult implementation, still would be extremely difficult for the end user to recognise as long as he does no9t run long, systematic test sessions with randomised function and umber generation and analysing the probability distribution. For the technical potential of somebody like the NSA, a degrading from 64 to 32 bit only already would tremendously simplify the task to break any randomised security code used by OS routines by using brute processor force to burn through. That is the ideal entry opportunity for an actor like the NSA: it's potent, but unsuspicious, and difficult to unveil.

It also is just the logcal next step, even the logically enforced next step. First there were soft trojans and virusses, rootkits and the like. Next operating systems get corrupted. Infiltrating the hardware during the production, is the next step.

And is it really that new? Some time ago there was a debate about Chinese computer tech and especially chips being used in practically every American hightech weapon system, ever cruise missiles, every platform electronics.

I already back then, two years ago it was or so, said I find it insane that one builds one owns weapons by using c hips and electronics produced by one's most pressing rival and possible future war enemy. At the same time the Americans import construction materials even like simple bricks and concrete parts when they build a new embassy in some foreign "friendly" nation like over here, for fears of getting bugged components if buying them from regional sub contractors. And at the same time they even hack friendly governments internal communication networks.

Trust me. Chip producers ARE under pressure by the NSA to build in backdoors into their hardware. I take that as 99% certain. It's technically possible, it is a benefit for the NSA, they can do it and demand it, the Patriot Act still is in effects well, and "national security" is a magic spell that immediately ends all discussion and all resistance - and so hardcoding backdoors in chips for sure gets done.

Trust me.

No. Why should I? By your logic, I have to assume that the NSA are getting up to every dirty trick that is possible. Which includes the obvious dirty trick of planting false claims that microchip security has been breached. Or even planting people on forums to spread stories that microchip security has been breached, come to that.

Whether the story is true or not should actually make no difference to most people anyway - if you are that worried about security, don't use a computer for anything you don't want others to know about. That was good advice before this story came out, and it is good advice now. Worrying about dopant-level tampering on microchips while using an operating system you can't be sure hasn't been tampered with anyway is rather pointless.

Avoiding to learn lessons by dreaming sweet dreams of a friendlier, though more unlikely world has one precondition: being asleep.

Avoiding to learn lessons by dreaming sweet dreams of a friendlier, though more unlikely world has one precondition: being asleep.

Oh really? And what lesson haven't I learned? How exactly is your pointless paranoia about things neither of us have the ability to detect, nor the means to do anything about if we could, actually a 'lesson' in anything at all?

I've already explained that whether these 'trojans' exist or not should make no difference one way another to my behaviour. Is it going to make any difference to yours?

Ahh, Skybird, at your level of paranoia, you should just step away from the computer and maybe go play with a calculator man.

I am sure that the Intel Xeon 5***, 3***, E3, and E5 lines have working random number generators. Why? since Intel's Xeon line has been tested and certified many times by multiple parties, and is widely used in the gambling and financial industries.

hey man, if gambling companies running millions of random number generators per second can't detect anything deviation from the norm, I think I should be fine, encrypting my pornography with a Xeon don't you think?


Also, this:
http://dilbert.com/dyn/str_strip/000000000/00000000/0000000/000000/00000/2000/300/2318/2318.strip.gif

http://images.wikia.com/glee/images/0/04/Oh-noes-everybody-panic.gif

HunterICX

shouldn't reason dictate to assume the NSA does what is possible as long as it has not been proven that it has not? Its not as if the revelations of the past weeks and months have just been a conspiracy fantasy.

DER SPIEGEL 8/1989
http://wissen.spiegel.de/wissen/titel/SP/1989/8/300/titel.jpg
NSA: Amerikas großes Ohr
Die National Security Agency, der aggressivste US-Nachrichtendienst, hört Freund und Feind ab
Im weltweiten Gewimmel der Funkwellen speichert die US-Regierung alle Signale, Befehle und Gespräche. Die National Security Agency (NSA), der geheimste aller Geheimdienste, lauscht rund um den Erdball und rund um die Uhr - auch in der Bundesrepublik. Letzter spektakulärer Erfolg, der die Beziehungen zwischen Bonn und Washington belastete: die von der NSA abgehörten Gespräche der Chemie-Firma Imhausen mit Libyen.

...
Link: http://www.spiegel.de/spiegel/print/d-13494509.html


Everyone is laughing about conspiracy theories - till the problems start.
Then everyone is seeing the conspiracies everywhere... :wah:

Where motive meets occasion, and historic precedence is proven to be there and unlimited resources are available - there shall be nothing coming from it, although it is the state, the secret service?

That assumption is the real conspiracy theory here.

Some people obviously have learned nothing, really nothing from the revelations by Snowden, and info becoming available on the NSA (maongst other things).

The nSA's budget has more than doubled since 9/11, as claimed: due to the war on terror. But fact also is that internal papers prove that just one third of its work is aimed at fighting Islamic terrorism.

We know that the spy like crazy on other govenrment, friends and enemies alike, and have bugged international organizations and their headquarters, from the EU to the UN.

We also know that they build enormous data storage capacities. And that computerized automatization makes possible an automatic data collecting and recording that is almost complete - globally.

I add 1 and 1, and to not my surprise I get a result of 2. Some of you claim it is 1, or there is no result. You are wrong.

By the same 'logic' (ROFL), since we have no way to determine that Skybird isn't a NSA plant, we can be certain that he is. Therefore he is lying. Therefore the NSA isn't tampering with microchips...