[PLUG] How do we know who to trust?

Eitan Tsur eitan.tsur at gmail.com
Mon Oct 8 01:33:16 UTC 2018


Looks like the alleged chip is hooking into the BMC actually, based on the
layout of the board pictured in the article.

On Sun, Oct 7, 2018 at 2:06 PM Russell Senior <russell at personaltelco.net>
wrote:

> Devices aren't omniscient. They can't really tell when we are looking or
> not looking. So, if they are misbehaving, it is possible to observe that
> misbehavior. Certainly, the more complex their normal behavior, the more
> difficult it is to identify misbehavior.
>
> The Bloomberg story is difficult to assess.  The tiny little device they
> show is a little hard to credit, not so much for its size as that it's hard
> to see how, in that shape, it could get access to enough traces on the
> motherboard in such a tiny package to power itself and interfere with
> normal signalling. Seems like it would need at least power, ground and at
> least one signal, maybe a couple more, given that the most plausible attack
> seems to be that they interfere with the firmware data coming into the BMC
> over SPI flash.
>
> That said, the BMC on server motherboards has a scarily privileged
> position. Better, more reviewable software there, as well as on the ME chip
> on modern desktop/laptops, is something I've been looking for.  There was
> recently a meeting in Europe called Open Source Firmware Conference (
> https://osfc.io/) with some interesting talks, available online.
>
> On Sun, Oct 7, 2018 at 1:35 PM Louis Kowolowski <louisk at cryptomonkeys.org>
> wrote:
>
> > On Oct 5, 2018, at 1:24 AM, Keith Lofstrom <keithl at kl-ic.com> wrote:
> > >
> > > On Thu, Oct 04, 2018 at 12:21:22PM -0700, Dick Steffens wrote:
> > >> The story about Elemental's computers having a spy chip on their
> > >> motherboards raises the question, how can we know if our computers
> > >> are compromised?
> > >>
> > >>
> > >> https://www.oregonlive.com/silicon-forest/index.ssf/2018/10/chinese_planted_spy_chips_insi.html
> > >
> > > Assume your machines ARE compromised.  The only question is
> > > how many different organizations have their own compromises
> > > in your machine.
> > >
> > > Without a completely open production process, end to end,
> > > which includes open source chip design, and a back end chip
> > > teardown process to compare design intent to samples of the
> > > actual silicon, there are just WAY too many places that
> > > very complex behavior may be inserted.  An extra chip on
> > > the circuit board, like this unconfirmed hack, is far too
> > > obvious for a deep-pockets adversary to bother with.
> > >
> > > My nightmare:
> > >
> > > The easiest place to insert malware is into the firmware
> > > boot tracks on your hard drive.
> > >
> > > Hard drive behavior is controlled by "digital signal
> > > processing" software for motor control, head movement,
> > > and the high level, pack-the-bits-onto-a-track behavior.
> > > That behavior is complex (vastly more complex than hard
> > > drives or even whole computers a decade ago), and is way
> > > more than they want to freeze into logic chips or store
> > > in an EPROM.   So the drive manufacturer stores those
> > > megabytes on the disk itself, in the "low performance"
> > > areas of the disk platter.
> > >
> > > A few percent of the platter area is low performance, too
> > > slow to move user data quickly, but usable at lower speeds
> > > or bit densities, or with simpler encodings usable by
> > > simple "boot-the-boot" hardware.  There is room to store
> > > gigabytes of potential boot information in that area,
> > > a vast opportunity for mischief and malware.
> > >
> > > I can imagine conditions that trigger the loading of
> > > alternate disk control software, which inserts exploits
> > > into an operating system as it is read off the disk.
> > > There is enough room on the disk to do this for hundreds
> > > of common operating systems.  That would NOT include all
> > > the zillions of variant kernels used by the Linux
> > > community, but there are many fewer variants of other
> > > Linux security software, like the SELinux suite.
> > >
> > > My former neighbor worked for a Vancouver, Washington
> > > company ("C") that builds network monitoring systems.
> > > "C" assembles their machines in China, and installs
> > > firmware there so they can do acceptance testing on
> > > arrival here.  After acceptance, they wipe the hard
> > > drives down to the boot tracks and rebuild them, Just
> > > In Case, because their systems control the Internet.
> > >
> > > The silicon might still be compromised, though.  I am
> > > a chip designer.  If I control the fabrication process,
> > > especially the ion implanter or the photomask aberration
> > > correction system, I can hide behavior in a chip that you
> > > won't be able to find unless you take the chip apart atom
> > > by atom and compare that to a detailed mask level
> > > specification, then compare the mask specification to
> > > a mind-bogglingly expensive series of simulations.
> > >
> > > Optimization-by-complexity is the antithesis of security.
> > >
> > > In simple words, complex chips are vulnerable.  Use
> > > simpler chips, or avoid making enemies.
> > >
> > If you assume the hardware is compromised, how can it be used in a way
> > that would allow you to believe the results it provides? The software by
> > definition couldn't correct the compromise.
> >
> > --
> > Louis Kowolowski                                louisk at cryptomonkeys.org
> > Cryptomonkeys:
> > http://www.cryptomonkeys.com/
> >
> > Making life more interesting for people since 1977
> >
> > _______________________________________________
> > PLUG mailing list
> > PLUG at pdxlinux.org
> > http://lists.pdxlinux.org/mailman/listinfo/plug
> >
