At 10:23 AM 4/26/96, jim bell wrote:
By NSA standards, it is simple. NSA has probably had its own semiconductor fabs for 30+ years.
Yep. Regardless of whether the fabs are government property or not, it's a sure thing that some contractors have appropriately SCIFfed fabs and appropriately cleared staffs.
Even if we assume that their capabilities lag commercial production in terms of density or quality, keyboard encoder chips were trivial 20+ years ago and could presumably be easily duplicated/modified today by even the oldest operating fabs. They probably had far less than 10,000 transistors. Even modern keyboard controllers probably "waste" a microcontroller with far more capability than you'd need for the task, and microcontrollers usually have substantially more code area than would be necessary to add some sort of surreptitious function.
Agree. Keyboard controllers (and other peripheral components of a system) are a much more tractable target than the CPU and may be within the capbailities of such organizations. I'm more inclined towards disk controller subversion myself. Of course, there's also the apocryphal story of the so called "Iraqi printer virus" that disabled the Iraqi air defense system. Subverting the CPU is not simple even by NSA standards. Rick. smith@sctc.com secure computing corporation