Advertisement
Home
Wednesday, 20 August 2008
  
 
Last week attacks
O.S.  Defs.  %
Linux  20301  84.15%
Win 2003  2294  9.51%
FreeBSD  871  3.61%
Win 2000  279  1.16%
SolarisSunOS  163  0.68%
Other  216  0.90%

Total attacks: 24124 of which 11403 single ip and 12721 mass defacements

Polls
Should Zone-H continue mirroring defacements? (floods will be purged)
 
Main Menu
Home
Digital Warfare
Geopolitics
ITsec News
ITsec Advisories
Test Drive
360°
Digital Attacks Archive
Zone-H events
Publications
Zone-H Friends/Partners
Contact Us
Search
Download Area
Zone-H forum
About this website
Login Form





Lost Password?
No account yet? Register
ZONE-H In Numbers
 News: 14547
 Advisories: 11
 Administrators: 1
 Managers: 1
 Super Administrators: 3
 Operators: 3
 Registered Users: 37075
 Downloadable Files: 3888
 Digital Attacks: 2820749
 Attacks On Hold: 2732
 Online Users: 148
Syndicate
Visitors' Map
Highlight on most recent attacks
ppp.seplan.pe.gov.br by DigitalMind       camaraacobrasiliense.sp.gov.br by Fatal Error       mangaratiba.rj.gov.br by DigitalMind       pxf.gov.cn by PowerDream       timebrasil.org.br/pequim2008/noticias/index.asp by RootDamages       mil.gd/index.php by TrusT_Me       panasonic.com.cy/dyn/tech by netb00m       admin.dec.ufcg.edu.br by Red Eye       ciar.ufg.br/v3 by Swan       immigration.go.ke/entry.htm by SenqRonize       
Latest advisories
Latest on Digital Warfare
Latest on Geopolitics
Darpa's "trust in IC": a smart article and our comments PDF Print E-mail
User Rating: / 5
PoorBest 
Written by SyS64738 (Roberto Preatoni)   
Monday, 07 July 2008

microchip2 Without any doubt, the best article published about the Darpa's Turst in IC program has appeared on IEEE Spectrum's website.  We welcome you to read that article, then to come back here as we posted our comments (oh boy, we have so much to say...)

Zone-H Comments:

Are you a fan of comics? Are you interested in digital warfare? Did you find this news about Darpa's "Trust in IC" program appealing? Foreviewing?

Take a look at our first Zone-H comic episode "Prologue: Network  Failures", published in year 2006 (but we started to work on its production in year 2005). It's the story of a total Internet failure due to embedded unsolicited hardware, placed by wise Chinese producers in the core IC of the world's network equipment.

page_13

Click on the image to download it

In this comic episode, the hardware spyware has been placed in the network card's main chip, inserting extra functionalities such an extra microprocessor, some extra RAM and some extra ROM.  The network card is usually functioning as a traditional network card up to the moment it receives a specific sequence of bits which activate the embedded extra hardware, causing network failures (but also allowing to spy on each computer's traffic).

Needless to say, the comic's characters are using at some point, the same technology adopted by Darpa's contractors to reveal embedded unsolicited hardware (an x-ray IC layer scanner).

Quite interesting coincidence.

Anyway, the point is that despite what performed in the reality by the Darpa's contractors, such efforts might not be sufficient to detect embedded spyware in ICs. In fact, any complex Integrated Circuit can be identified not only by the contained hardware, but being most of the time a logic circuit, also by its natural "embedded logic behavior". 

I remember when I was attending my high-school classes (hell, 25 years ago...), one of the first thing I learned was to design logic circuits, according to the task requirements. A first step was to design the circuit according to the logic requirements. The second step was to simplify it by analyzing  its boolean redoundancies, stripping off the unnecessary logic ports.  After such operation, a much simpler IC was obtained, with the same functionality of the more complex, original one.

All this to say that to be sure that any given IC is not embedding unsolicited behavior might not be enough the mere x-ray analysis of its core components. The IC should also be analyzed in its originally designed logic behavior. 

At the current status, the Darpa's program is focusing mainly in "hashing" the hardware, comparing it to its original design. But as I explained before, extra functionalities can be embedded even in the original hardware logic design, placing circuits with double logic behavior.  In principle, it should be easy to design any complex enough logic circuit that behaves always in a certain way except when a single, specific logic gate gets activated, triggering the secondary behavior. Without the need of extra circuitry (ram, rom, etc).

Detecting such triggering logic circuit is a hard task, or even worse, detecting the secondary behavior especially in high density chips and techniques such x-ray scanning would not be helpful at all. Darpa should focus also in possible ways to detect unsolicited logic behavior.

How? Well, it's not that easy. We do have some ideas here, we might explain them in a future's comic episode. Or we might not, let's see if it would be a wise move first.

But we have some more bad news for you guys. Do you know what is the lifespan of war gears? Decades. It means that what has been produced so far and what is currently produced might already embed unsolicited hardware/logic. The Syrian radar failure story might be a demonstration.

Do you know which is one of the most used microprocessor in modern war gears? Nothing fancy nor ultramodern, as you might imagine. In fact, it's the old 386 chip. Reliable, powerful enough and, most important, long lasting and not heating. Even modern war helicopters are using the old 386 chip. And that was produced more than 20 years ago.  As to say, we might be already flooded by poisoned hardware.

This is why people should stop in focusing only in open source software for security reasons but they should also focus on the necessity to have open sourced hardware. Which currently is and probably will stay a mere dream, given the current set of laws and the lobbistic pressure behind them.

The only way to protect yourself today would be to do any sort of hardware/software reverse engineering but as you well know, it'll bring you legal troubles. War interests apart,  opening up hardware systems should be in everybody's long term interest, including the same hardware producers and governments. Because "Qui gladio ferit, gladio perit"



Comments Index (Total Messages: 4)
defamation and lies Written by Guest on 2008-07-08 12:13:13
Re: defamation and lies Written by Guest on 2008-07-09 21:19:30
Re: Re: defamation and lies Written by Guest on 2008-07-24 19:49:46
thanks zone-h Written by Guest on 2008-07-08 07:35:47

Powered by a Zone-H(ified) version of AkoComment 3.0!


DISCLAIMER: Forum postings are the opinion of the posting author alone, and should not be taken as the opinion of Zone-h. The   author is entirely and solely responsible for all content that he/she uploads, posts, or otherwise transmits via the website. Zone-h is not responsible for such content. However, Zone-h shall have the right, but not the obligation, to delete, move, or edit any content that violates this agreement or is otherwise objectionable as determined by Zone-h in its sole discretion and without notice.
 
Next >
[ Back ]
Advertisement
 
Top!
© 2008 Zone-H.org
Joomla! is Free Software released under the GNU/GPL License.
 Top!