[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: trusting the processor chip



At 10:23 AM 4/26/96, jim bell wrote:

> By NSA standards, it is simple.  NSA has probably had its own
> semiconductor  fabs for 30+ years.

Yep. Regardless of whether the fabs are government property or not,
it's a sure thing that some contractors have appropriately SCIFfed
fabs and appropriately cleared staffs.

> Even if we assume that
> their capabilities lag  commercial production in terms of
> density or quality, keyboard encoder chips  were trivial 20+
> years ago and could presumably be easily
> duplicated/modified today by even the oldest operating fabs.
> They probably  had far less than 10,000 transistors.  Even
> modern keyboard controllers  probably "waste"  a
> microcontroller with far more capability than you'd need
> for the task, and microcontrollers usually have
> substantially more code area  than would be necessary to add
> some sort of surreptitious function.

Agree. Keyboard controllers (and other peripheral components
of a system) are a much more tractable target than the CPU and
may be within the capbailities of such organizations. I'm more
inclined towards disk controller subversion myself. Of course,
there's also the apocryphal story of the so called "Iraqi
printer virus" that disabled the Iraqi air defense system.

Subverting the CPU is not simple even by NSA standards.

Rick.
[email protected]        secure computing corporation