Security is Getting Serious

  • Comments posted to this topic are about the item Security is Getting Serious

  • This doesn't surprise me. With the sheer complexity of modern processors (and really, does this *have* to be in the processor?) it seems it would be relatively easy to slip something in like this.

    Arguably, it could even be done, I would think, in a way that doesn't require multiple repetitions of the malicious command, but instead one run to activate. Still very hard to detect (until it fires,) and likely only good for one use, but that could still do loads of damage to a business.

    There was a book not too long ago that posited such a method of attack, Ghost Fleet by August Cole and P.W. Singer, where chips were compromised at the physical level.

    The researchers suggestion of having yet another chip to monitor software privileges would seem to rapidly lead down the rabbit hole, playing the game of "who watches the watchmen." After all, what's to stop a bad actor from corrupting the "watchmen" chip?

    Even bringing all chip manufacturing "in-country," even if it's just for government-used devices, would still have the possibility of someone working in the factory producing the chips being extorted / bribed / working for the other team putting this attack in-place...

  • Well, I'm different. This completely surprises me. I never even thought of the possibility of chip makers doing anything like this. Security is such a huge topic that I don't know how anyone could completely cover it.

    Kindest Regards, Rod Connect with me on LinkedIn.

  • This is crazy. I hope if it happens, someone discovers it and we know about it quickly.

  • Many folks are willing to pay as much as 50% more for locally sourced food, thinking (for example) that milk or vegetables from China may be less wholesome and more risky than that grown domesically. So maybe we'll soon see a market for "responsibly sourced" technology.

    "Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho

  • Eric M Russell (7/18/2016)


    Many folks are willing to pay as much as 50% more for locally sourced food, thinking (for example) that milk or vegetables from China may be less wholesome and more risky than that grown domesically. So maybe we'll soon see a market for "responsibly sourced" technology.

    I can see that happening. Especially if some incident should happen where its discovered a security breech has happened due to a hardware hack such as the Wired' article described. There could easily be labels on shipments of CPU's, memory, etc., saying "responsibly sourced". In fact, I could foresee chip manufacturers charging more for their chips, if those chips are vetted as being safe from malicious logic.

    Kindest Regards, Rod Connect with me on LinkedIn.

  • Eric M Russell (7/18/2016)


    Many folks are willing to pay as much as 50% more for locally sourced food, thinking (for example) that milk or vegetables from China may be less wholesome and more risky than that grown domesically. So maybe we'll soon see a market for "responsibly sourced" technology.

    The same could be said of US technologies too for those of us outside the US. From a UK perspective we are hearing a lot about alleged NSA and CIA intrusions. They may make some US citizens feel safe but from my perspective they are an arm of a foreign state acting inappropriately.

    It could lead, although wholely unlikely in my opinion, to a return to national computing companies.

    Gaz

    -- Stop your grinnin' and drop your linen...they're everywhere!!!

Viewing 7 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic. Login to reply