[s-t] needle in haystack digest #3

Nick Barnes Nick.Barnes at pobox.com
Thu Nov 6 05:32:40 PST 2003 

> Subject: Re: [s-t] privacy and caution digest #2
> From: "Bryan O'Sullivan" <bos at serpentine.com>
> Date: Mon, 27 Oct 2003 22:49:19 -0800
>
> On Mon, 2003-10-27 at 14:49, Nick B wrote:
>
> > Nobody, but nobody, builds _anything_ electronic from the ground up.
> > Not me, not you, not Apple, not Microsoft, not Sony, not Intel, not
> > the NSA.  [Apple,] Sony, Intel and the NSA get closer by fabbing their
> > own silicon.
>
> No Such Agency doesn't fab much of anything; they can't afford to.  They
> and their ilk are far more interested in things like FPGAs and adapting
> numerical algorithms to COTS SIMD hardware, such as graphics processors
> (a la http://www.gpgpu.org/).

My apologies; I don't have much information on the budget, interests,
capabilities, facilities, or operations of the NSA.

> > Who knows
> > what sort of spyware those tools are adding?
>
> Don't be silly.  The amount of computation you need to do to get a
> circuit of any useful complexity to do something predictable is
> enormous.  You can't stuff a thousand CPUs and 200 engineers into an
> Applied Materials mask etch machine, so that they can rig a WiFi card
> and antenna onto your PS2's vector chip without Sony finding out.  Even
> if you could, how would they talk to the evil animalcules inside the
> Novellus metal deposition machine in the facility next door, so the
> right traces get metallised?

I guess I didn't make myself clear.  I wasn't hypothesizing an attack
against a fab.  I was saying that

      deeply paranoid "don't trust anyone" types

could well hypothesize such attacks.  They don't have to be
semi-automated Thompson-style attacks (and I didn't have those in
mind).  Put yourself in a "don't trust anyone" frame of mind, and
imagine that some part of the toolchain at (say) Intel includes
spyware which allows it to be controlled by (say) NSA.  Using this
spyware, NSA can watch a part of a CPU going through design-and-test
cycles, pick a part of the design to subvert, and carefully craft a
replacement for that part of the design.  Making the replacement part
do something useful for the NSA is left as an exercise for those who
enjoy this type of thing.

My point was that anyone who has a tendency to believe in this sort of
nonsense should, for consistency, be shunning mainstream hardware
altogether.  Even if they trust Intel, ho ho ho.

> Never even mind that automatically figuring out what a bunch of geometry
> in a set of masks represents is vastly harder than reverse compilation
> for software.

Yes.  I wasn't intending to suggest an attack based solely on masks.
The hypothesized attackers, having subverted the toolchain, have full
access at all levels of the hardware design (including design
documents, sources in various description languages, etc).

> > It is actually quite hard.  And if anybody
> > ever does implement it really well, they can win, in principle even
> > against projects like Plan 9
>
> No they can't.  Identifying something as "a compiler" and instrumenting
> the right code is impossible for automated systems.

I agree (almost), but a Thompson attack doesn't have to do that.
Compilers read source code by calling read() and write object code by
calling write().  These are, IMO, the right places to attack.  A
program which open()s a descriptor on a file called \(*\).c and
read()s some source code from it, and open()s another descriptor on a
file called \1.o and write()s some object code to it, is probably a
compiler.

Any Thompson attack is directed against a particular platform (e.g.
OS + compiler + hardware) *or set of platforms*.  That was the point I
was trying to make.  Plan 9 could have been vulnerable to an attack
created after the start of the project, targetting both gcc and (say)
2c.

I agree that [barring global conspiracies of the sort outlined above]
someone designing a new system from scratch tomorrow, *using only
tools and equipment available today*, and making the avoidance of
Thompson-style attacks a priority, could come away clean.

Off-hand, I guess that I would do it by avoiding having a modern
bootstrap in the first place.  I'd write my main compiler in some much
smaller simpler language, and keep it that way.

For myself, I still don't believe in Thompson attacks, or global
conspiracies subverting fab toolchains.  Global conspiracies seem to
use much less subtle approaches (insert here stuff about chads,
airliners, and Wars on Abstract Nouns).

I'm so unparanoid that I'm running GNU Emacs 21.3, built from suspect
sources.  Heck, I'm so unparanoid that I don't even believe that
Diebold is part of a global conspiracy.  Hanlon's razor, and all that.

Nick B

----- End forwarded message -----
-- Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

[demime 0.97c removed an attachment of type application/pgp-signature]

More information about the cypherpunks-legacy mailing list