-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/11/2014 02:17 PM, Troy Benjegerdes wrote:
All the 'NDA'/proprietary/confidential information that goes with chip designs provide plenty of cover to insert backdoors.
We have already seen that they do not have to subvert the designs if they can intercept components and replace them with boobytrapped look- and work-alikes.
But your USB chip, graphics card, hard drive, or two factor authentication token, on the other hand...
Firmware bootkits are also potential vectors. Why go to the trouble of backdooring the hardware when you can go after the firmware blobs that few bother to reverse engineer anyway? - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ "We could be readin' a book." --Huey, _The Boondocks_ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlL6xw4ACgkQO9j/K4B7F8GIggCfeTxAEk7xL/rGAP1XYS119CL3 RsMAoJbDUeUoLtthNEt/eIhE9Blq7Aa2 =8uwz -----END PGP SIGNATURE-----