On Sat, Dec 20, 2014 at 12:31 PM, hbaker1 <hbaker1@pipeline.com> wrote:
From: dan@geer.org
| I think it would be very hard to find a backdoor suggested by | Norm Hardy. Modify the CPU to detect when two specific floating | point numbers are multiplied. When they are, execute the next | instruction in privileged mode.
It's my second-hand understanding that it would take perhaps 3,000 gates to implement intentional sensitivity to a pre-designed kill packet. The addition of 3,000 gates to any current chipset will never be found in current hardware, e.g., the iPhone 6 has two billion transistors on the system chip.
Others more knowledgeable welcome to correct my understanding.
So Intel&Apple have provided PRC with netlists for their processor chips?
Of course, PRC shouldn't believe them, unless they could also manufacture their own chips from the netlists.
It doesn't matter what a chipmaker provides and claims as truth today. Anyone, spy or not, anywhere in the chain from design to fab could insert anything, there are probably not enough internal control and validation programs in place to find it. And if something untrustworthy is sucessfully implanted or simply produced TOP SECRET approved, who on the outside is going to find it? No one publicly open, external, and disinterested is sampling these chips off the shelves and decapping them, or exhausting all possible input data against expected output, or has eyes in the fabs. Until the world has truly open fabs, you might as well assume it's game over. Similarly, we can't even get rid of default firmware passwords, baseband, bad crypto, closed source, vPro, and all the other examples of potentially backdoorish things possibly against the user... including NSA style spying and corporate datamining tagged with your name. Can you apply enough pressure to get rid of closed fabs, and the elements within governments and corporations that think up, perform and produce this kind of stuff?