
Reddit - Well respected Silicon expert, would not be surprised if there were government mandated backdoors in Intel/AMD chips




bump

Bump

donvino

From what I recall, there was a chip called the Fritz Chip which was intended to be a backdoor which would enable your computer to basically spy on you. Wired Magazine had a lengthy article about it years ago, maybe 8 years or so ago.

I remember what I read explaining how law enforcement could basically mark certain content or types of content as illegal and the Fritz Chip would delete the content from your computer and report you to law enforcement. The chip would also be able to trigger alerts based on content found on your computer without deleting it.

They were trying to mandate this chip to be installed into all new computers.

Not sure whatever happened with it, but it has been renamed to something like '"trusted" computing' platform, etc.

...

It's possible, but very detectable!

It is certainly possible, but it would be detectable.

Assume there is a backdoor in every processor that the NSA could remotely activate in order to cause it to start recording data and transmitting it back to Meade.

There will be network traffic coming out of that machine. If you watch the wire, it will be very obvious. You can encrypt the crap out of the transmission, but there will still be signal that doesn't belong there.

One of the tricks in the intelligence community is monitoring VOLUME of data, never mind the content (hence the importance of metadata). Say a military wants to determine when an opposing military will start an invasion they think will occur. They don't need to understand the encrypted messages (SIGINT). Simply monitoring for the large spike of comm traffic from one point to all others will signal that a command or something was just issued. Coupled with lots of other chatter, like brigade-to-brigade traffic, you can make a fair assumption that something is kicking off.

So if your computer starts spewing out SSL traffic at 3am... could it be an update, possibly. But the first time it happens to an IT person who is watching then notices, the game is up. Not to mention the business impact ramifications to Intel, AMD or anyone else who was involved would very possibly end the company. Lots of companies watch their network traffic. This wouldn't very likely go unnoticed very long.

If they did it, and it went public, everyone would go buy old or foreign processors. Performance be damned. It would be the end of the processor industry in the US period.
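The volume-only monitoring described in the comment above, as an added example that is not part of the original thread: it baselines each host's outbound bytes per hour of day and flags hours far above that baseline without ever reading payloads, so encryption does not hide the spike. The host name, dates, byte counts and the `k`/`floor` thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

def hourly_totals(flows):
    """Sum outbound bytes per (host, date, hour). Payload is never inspected."""
    totals = defaultdict(int)
    for ts, host, nbytes in flows:
        t = datetime.fromisoformat(ts)
        totals[(host, t.date(), t.hour)] += nbytes
    return totals

def build_baseline(flows):
    """Per (host, hour-of-day): median and MAD of the daily outbound volume."""
    per_slot = defaultdict(list)
    for (host, _day, hour), total in hourly_totals(flows).items():
        per_slot[(host, hour)].append(total)
    baseline = {}
    for slot, vals in per_slot.items():
        med = median(vals)
        mad = median(abs(v - med) for v in vals)  # robust spread estimate
        baseline[slot] = (med, mad)
    return baseline

def volume_anomalies(baseline, flows, k=6.0, floor=1_000_000):
    """Flag hours whose outbound volume exceeds median + k*MAD + floor.
    A slot with no history gets a zero baseline, so only the floor applies."""
    alerts = []
    for (host, day, hour), total in sorted(hourly_totals(flows).items()):
        med, mad = baseline.get((host, hour), (0, 0))
        if total > med + k * mad + floor:
            alerts.append((host, f"{day} {hour:02d}:00", total))
    return alerts

# Constructed sample: one week of history for a workstation that is nearly
# silent at 03:00 and busy at 14:00, then a day with a 03:00 burst.
HISTORY = [(f"2013-09-{d:02d}T{h:02d}:15:00", "ws-17", b)
           for d in range(2, 9)
           for h, b in ((3, 20_000 + 1_000 * d), (14, 4_000_000 + 100_000 * d))]
TODAY = [("2013-09-09T03:05:00", "ws-17", 30_000_000),
         ("2013-09-09T03:40:00", "ws-17", 25_000_000),
         ("2013-09-09T14:10:00", "ws-17", 4_900_000)]

if __name__ == "__main__":
    for alert in volume_anomalies(build_baseline(HISTORY), TODAY):
        print("unusual outbound volume:", alert)
```

The busy 14:00 hour stays quiet because its volume is normal for that slot; only the 03:00 burst stands out against the host's own history.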

You're right

that it would be detectable, but I don't think they would do it en masse. Like you say, auto sending data could be accidentally discovered.

What I think is more likely is targeted spying. Just think how many computers in the world use Intel/AMD processors and closed source OSes like Windows/Apple.. practically everybody, even Russians. The chips now have a way to identify themselves uniquely, so all you have to do is turn on the spying for the particular chips you want. Most users don't monitor what traffic goes out from their computer or even know how to. Imagine tapping the computer of anybody in the world. That's powerful stuff.

?

would it have to be foreign?

It's time! Rand Paul 2016!

"Truth, Justice, and the American Way!"

Could be anyone

Could be anyone. For domestic operations in countries around the world, usually they try Gladio-type strategies - co-opt the military, or the "secret" army and manipulate them to do the regime's bidding, but that's a different conversation.

I got one

that I really don't feel is that far-fetched. When you run a virus scan, would it be possible for the company of the virus scan to download all your information? I was wondering about this for a while.

deacon's picture

good question

what I have always wondered is if the anti-virus folks are the same ones who create the viruses
deacon

If we deny truth before your very eyes, then the rest of what we have to say is of little consequence

What would

happen to all the anti-virus companies if there were no viruses?

deacon's picture

uh huh

and that is exactly the reason i think the way i do
good to know i am not the only one who thinks that way
job security
deacon

Cyril's picture

BUMP.

BUMP.

"Cyril" pronounced "see real". I code stuff.

http://Laissez-Faire.Me/Liberty

"To study and not think is a waste. To think and not study is dangerous." -- Confucius

bump

This started with Phoenix BIOS.

It's called a bare metal client hypervisor. Its business application is to provide streamlined manageability to corporate PCs, so, for instance, that administrators have full control over the PC even if there is a problem with the operating system etc.

http://www.intel.com/content/www/xr/en/virtualization/virtua...

deacon's picture

would some of you mind

creating a post about this topic?
would be easier for us less savvy to follow
you know,cuz confusion just sorta sucks
i know I would greatly appreciate it
thanks in advance
deacon

Basically

if you're not using Linux you should assume your system is compromised. It may not be, but you should assume it is.

The problem is with an operating system things happen at a level where you just won't know what's going on, and companies like Microsoft have been willing to work with the NSA. If this goes to the chip level then even reinstalling your operating system won't help. The only way to have confidence of security is using Linux, and as a poster below says it should be a version like Fedora where everything is open source.

robot999's picture

This article

is talking about HW backdoors. Saying that Linux (or any other software "Application" / OS) is exempt from such technology is not accurately interpreting this particular threat. Seriously, this thread is not about anyone's "favorite" OS, if it were I may concede to your point due to the open nature of Linux.

"Government is the entertainment division of the military-industrial complex". - Frank Zappa

To be

specific, it's not talking about hardware backdoors; it's talking about a backdoor on the CPU.

A CPU by itself can't do much. Even if a CPU is compromised it needs to communicate with an operating system to send the data somewhere. If an OS will work with the CPU then anything is possible, but it's very unlikely Linux would be such an OS because it's open source.

Cyril's picture

Hints

You may want to read at the link I provided earlier.

Especially interesting exchanges, IMO, between:

Matt Mackall, iang, Ben Laurie, Peter Gutmann, coderman

AFAICT, it seems Intel's unverifiability of their RdRand re: mixed entropy sources is at best lousy, prone to defects, if not downright suspect.

With or without access to OS source code, the real stuff happens in the H/W, eventually. It's legitimate to ask the latter be always fully auditable and verifiable, IMO, when it's about generic computation done in the wild by an unsuspecting and trusting user (who usually has paid AT LEAST for the hardware).

Peace.

deacon's picture

a yr ago

I turned the auto updates off on this XP OS
might have been too late
I have used Linux on another comp I had, but for me, doing it by myself
was just a bit much, for some reason it reminded me of DOS, what the commands, prompts, and this was to install software
I like the XP version of Windows, but it is still Windows
maybe I should just buy a book on this subject
question, isn't Linux Ubuntu?
deacon

Ubuntu is Linux but Linux isn't Ubuntu. Ubuntu is simply one flavor of Linux of which there are many. Linux is the core and all the different flavors/versions of Linux are built around that.

...

deacon's picture

hey thanks :)

I get it now, Nova is Chevy, but Chevy isn't Nova
I have tried Ubuntu before, confused the living
you know what out of me
have been reading about Fedora (from another commenter)
am looking for OS that works like Windows, but isn't
but so far, I haven't too far yet, but I will
thanks for the info
deacon

It doesn't matter

If Microsoft/Apple are working with the NSA they can hide commands in the code to operate without you. There were already NSA secret keys found in Windows.

The reason Windows is used by most of the world is because it's easier. It's not better, just easier, because the company profited by making it user friendly. Meanwhile the open-source community is not paid, but if enough people show an interest in using Linux regularly more user-friendly development would happen. Until then it's a problem. Yes, Ubuntu is Linux and probably safe, but Fedora is more certainly safe because none of it is closed source.

deacon's picture

thanks

will check out fedora
I really do not have a lot of energy to spend learning yet another OS
but will give that a try
but what do I do with all homieland security buzz words ? :)
deacon

Use

Tor and services like StartPage.com instead of Google for online privacy.

deacon's picture

looked into TOR

wouldn't it mean that if TOR was created for the navy, that the fed already knows how to do a run around with it?
and if so, then how effective is it?
deacon

No

the technology blocks everyone and is open source. The govt needs a way for allies in hostile places, say a reporter in North Korea, to be able to get online without being discovered. Use of Tor is why Silk Road has operated successfully for a long time now.

Another way to look at it

is that if it was created for the navy, then they wouldn't want to put a backdoor into it if there was any way that would mean that other countries could eavesdrop on military communications. It's open source, so if there's a backdoor it's not going to be anything that can be discovered by reading the source. The NSA might have an easy way of cracking the encryption used, but that's a different kind of issue.

There's no guarantee of course, but there are far more solid reasons to trust Tor than to trust Startpage, for example. In fact if you're using Startpage without Tor, you might as well just be using google. That doesn't mean you shouldn't use Startpage, it just means that you shouldn't take privacy for granted if you do because *even if Startpage is completely on the level* you are still vulnerable if that's all you're doing to protect your privacy.

https://www.torproject.org/about/overview.html.en
https://www.torproject.org/docs/faq.html.en#Backdoor

That's not

true about StartPage being the same as Google. Using Google is like using a search engine built by the NSA because Google is US based and proven willing to work with them. On the other hand StartPage is outside US jurisdiction and their whole stated purpose is user privacy. I'm not saying users should search illegal stuff there, but it's NOT the same as using Google, even without Tor.

Tor should be used whenever possible, but it slows up connections, so for normal browsing most people won't bother with it.

Not quite what I said

First, I don't take Startpage's claims at face value, or assume that the NSA hasn't tapped into the routers closest to their servers or the undersea cables between here and Europe, or that the NSA hasn't cracked the SSL encryption that Startpage uses, etc. If you're using *any* search engine your request goes through backbone routers before it gets to the destination, and if you aren't using Tor your IP address is easily associated with that traffic. If you're using *any* search engine without anonymization, and click on any of the links you get back from the search engine, then what was the point of keeping the search private?

It's like saying that bitcoin is anonymous. A lot of people seem to think that's just simply true by default, that using bitcoin automatically makes your transactions private, but it's not nearly that simple. Every transaction is publicly and permanently recorded. If you don't go to considerable extra effort, including but not limited to hiding your IP address, your transactions aren't private. And the permanent, public record of all transactions is a data miner's wet dream. Here's an interesting analysis of a bitcoin theft:
http://anonymity-in-bitcoin.blogspot.com/2011/07/bitcoin-is-...
If the NSA has more data associating bitcoin traffic with IP addresses, then they would be able to do even deeper data mining than what this shows.

That's not to say that using bitcoin is no better than writing a check. It's just that if you use bitcoin without understanding everything that's involved in making it truly private, the privacy gains may not be nearly as great or as secure as the naive user might think.

Similarly for startpage. If you're doing something that you need to keep private, and all you're doing is using startpage (and then clicking on the search results that you get back), your privacy is vulnerable at multiple points even if startpage is on the level. (And again, I don't see any reason to assume they are, or that they aren't. It would be a devilish thing for the NSA to do, creating something like Startpage or just tapping into the traffic at some convenient point. What better way to eavesdrop on the people who are trying to be anonymous?) But even if they're on the level, there are still multiple points of vulnerability if you're not taking other precautions, so you should assume your searches may not be private.

Moreover, if you aren't taking those other precautions, so that your IP address can be associated with things like bitcoin transactions and attempts to anonymize searches (and the dailypaul!) then you've probably put yourself on the NSA's "persons of interest" list already.

False confidence is more dangerous than paranoia. Unless you are taking thorough precautions (running Linux, using Tor, etc.) and you are enough of a geek to really understand what it is you're doing, you might as well just assume that if the NSA wants to see what you're doing, they can. Why wave red flags in their face that point directly to your IP address on top of everything else?

Good points.

I agree with everything you said there. I especially agree on the Bitcoin analogy. Bitcoin is definitely not anonymous unless you know how to be. However, is Bitcoin better than writing a check? I think so. Similarly, is StartPage better than using Google, shown to work with PRISM? I still do think so, even though everything you say is correct.