Pages Menu
TwitterRssFacebook
Categories Menu

Posted by on Jun 1, 2012 in Hardware News |

Scandal! Manufacturer placed “back doors” in deliberately chips

For the first time in history has been able to discover, test, develop and document a or backdoor on a silicon chip that allows an attacker to take control of the device using the platform. And not any user: but at the same manufacturer who deliberately added this backdoor to the chip and also put a “key” to use it.

The affected products are units (Field Programmable Gate Array) American manufacturer, in his series of models ProASIC3, IGLOO, and SmartFusion, and as we said, the researchers believe that the level of integration of the problem likely the hole found was put “at home” intentionally by Actel, which has been occurring since 2002 at least until 2010, when the company began to take over manufacturing.

To discover what is that a group of researchers from the University of launched an investigation that sparked alarm among the institutions that use this kind of chip features that require the highest level, such as military and communications applications public, private and institutional, to name a few, where governments and private organizations and researchers contacted for help. And yes, there were great efforts to find the problem because it also deliberately was very hidden in the hardware design, further aggravating the situation.

Simply put, the affected products are chips that can be programmed in a personal way to implement on different devices to perform specific functions, with the “implementer” deciding how it will work and where. This flexibility is what makes chips for applications desired in addition to those mentioned above, also involve combat aircraft, satellites, nuclear power plants, commercial aircraft Boeing and many others.

The worst thing of all is that you can break the encryption, an that provides strong security and therefore is widely used to implement engines chips at the hardware level. Now all that is useless because of the vulnerability that Actel inserted into their products, which were acquired by naively all kinds of institutions that now are endangered data and more importantly, access to their platforms.

According to investigators, the tailgate is inserted into the architecture that was designed the chip, making it impossible to fix it or remove it because it is hardware, ie irons that are already done and n ose may change. The best thing you can do for now is to find ways to exploit the vulnerability and exploit it more difficult and costly for malicious, but anyway this is inevitable if it occurs.

Because this is not a computer virus or other malware that is software or virtual code that can be fixed: This problem is a pit or hole embedded in physical processors, which can not cover more than exchanging one product for another. It is as if the computer you bought had a leak and the only solution to fix it is change.

Links:
Timeline of the investigation .
First paper of the researchers .
Second paper of researchers .

Tags: , , , , , , , , , , , , , , ,