Hardware trojans? Wtf?

[Guest]

Invisible hardware trojans on atomic level....

Well, if hackers start to use those we have no protection, but i don't know why would someone use it for poor kid's laptop like mine, maybe goverments?

By changing existing transitors in your computer it won't work as expected.

I will link a pdf in which they do something to the ivy bridge cpu's and explain how is this actually possible.

Some people are saying that they are chinese companies which use this kind of viruses to spy on people.

 

http://people.umass.edu/gbecker/BeckerChes13.pdf

 

[AraSarkisyan]

i dont see how someone can replace a transistor that is 28 billionths of an inch, but ok. 

[MontyBonjangles]

the only way I can see this working is if a hacker was to undermine the bios code entirely and fiddle deeply with any of the chipsets or controllers to stabilise a cpu, but however doing that discretely is another kettle of fish. In first case, you could frazzle the cpu very easiy by one of the transistors. Secondly, any chipset is specifically designed to work with that particular setting on a cpu. It seems very unlikely that just adding a few nano/pico-metres of work selectively will enable every motherboard to still work.  In more contrast, the cpu is handling 1s and 0s, and changing them states, how do you suppose the hackers can interpret this if there are millions of different combinations of ICs on motherboards that first process data to feed.

 

What I am saying here is the cpu is a tool, trying to hack it would be the same as attempting to put a sound recorder into a hammer. 

[SirReallySam]

What I am saying here is the cpu is a tool, trying to hack it would be the same as attempting to put a sound recorder into a hammer. 

HAHAH

[MG2R]

Interesting! Will read when I find the time.

 

the only way I can see this working is if a hacker was to undermine the bios code entirely and fiddle deeply with any of the chipsets or controllers to stabilise a cpu, but however doing that discretely is another kettle of fish. In first case, you could frazzle the cpu very easiy by one of the transistors. Secondly, any chipset is specifically designed to work with that particular setting on a cpu. It seems very unlikely that just adding a few nano/pico-metres of work selectively will enable every motherboard to still work.  In more contrast, the cpu is handling 1s and 0s, and changing them states, how do you suppose the hackers can interpret this if there are millions of different combinations of ICs on motherboards that first process data to feed.

 

What I am saying here is the cpu is a tool, trying to hack it would be the same as attempting to put a sound recorder into a hammer. 

This isn't something that is going to be used to hack regular computers, rather it will probably be applicable in custom military chips for example. Say you have a wireless communication system with a chip inside that is responsible for encoding and decoding the transmitted and received data. If hackers would infect that chip in such a way that 70% of the key is known to the hackers, then they would have a lot less work decoding the wireless traffic.

[MontyBonjangles]

Interesting! Will read when I find the time.

 

This isn't something that is going to be used to hack regular computers, rather it will probably be applicable in custom military chips for example. Say you have a wireless communication system with a chip inside that is responsible for encoding and decoding the transmitted and received data. If hackers would infect that chip in such a way that 70% of the key is known to the hackers, then they would have a lot less work decoding the wireless traffic.

I agree there, however, this could be combated by a constantly changing  set of chips in a network that code specific parts of message or data packet, I have seen such things as this over here. 

[MG2R]

I agree there, however, this could be combated by a constantly changing  set of chips in a network that code specific parts of message or data packet, I have seen such things as this over here. 

Keep in mind that constantly changing out your hardware is very expensive. And if hackers have access to the fabs where your chips come from, all of the chips are likely to be infected. Even changing out the keys could be undermined by clever hackers.

The biggest problem with this way of hacking is that there isn't really any feasable method of discovering infected chips at this point in time. You would have to analyze the chip at an atomic level in exactly the right spot to see the hack.

[MontyBonjangles]

Keep in mind that constantly changing out your hardware is very expensive. And if hackers have access to the fabs where your chips come from, all of the chips are likely to be infected. Even changing out the keys could be undermined by clever hackers.

The biggest problem with this way of hacking is that there isn't really any feasable method of discovering infected chips at this point in time. You would have to analyze the chip at an atomic level in exactly the right spot to see the hack.

 

That seems like its a double edged sword for the hackers too, it could take a long time to implement the hacks, and take a while for chasers to find em.

[MG2R]

That seems like its a double edged sword for the hackers too, it could take a long time to implement the hacks, and take a while for chasers to find em.

As with most things in life: the most worthwhile hacks are the ones that take the most amount of work to achieve

[Enderman]

i dont see how someone can replace a transistor that is 28 billionths of an inch, but ok. 

Yeah the only way this would be possible is during the manufacturing process. So either the hackers bribe Intel to do it with several trillion dollars, or they make their own CPUs (almost impossible) and replace yours with theirs. Completely absurd.

[Slaeowulf]

Well, I think it's safe to assume that now...IS THE TIME TO PANIC!!!

[FranBunnyFFXII]

Invisible hardware trojans on atomic level....

Well, if hackers start to use those we have no protection, but i don't know why would someone use it for poor kid's laptop like mine, maybe goverments?

By changing existing transitors in your computer it won't work as expected.

I will link a pdf in which they do something to the ivy bridge cpu's and explain how is this actually possible.

Some people are saying that they are chinese companies which use this kind of viruses to spy on people.

 

http://people.umass.edu/gbecker/BeckerChes13.pdf

Did anyone fully read the PDF?

King et al. [10] presented a hardware Trojan inserted into a CPU

that was capable of granting complete control of the system to an external

attacker. The attacker can make arbitrary changes to the program code and can

get unlimited access to the memory by simply sending a specic malicious UDP

package to the processor.

holy crap...