1996-04-26 - Re: trusting the processor chip

Header Data

From: “Paul S. Penrod” <furballs@netcom.com>
To: jim bell <jimbell@pacifier.com>
Message Hash: 3525b40acce0b751bdf9b4e13ab7c7390e82e32e23bdfb657e3cbd244628f57f
Message ID: <Pine.3.89.9604252347.A18926-0100000@netcom13>
Reply To: <m0uCa4r-00094aC@pacifier.com>
UTC Datetime: 1996-04-26 11:33:50 UTC
Raw Date: Fri, 26 Apr 1996 19:33:50 +0800

Raw message

From: "Paul S. Penrod" <furballs@netcom.com>
Date: Fri, 26 Apr 1996 19:33:50 +0800
To: jim bell <jimbell@pacifier.com>
Subject: Re: trusting the processor chip
In-Reply-To: <m0uCa4r-00094aC@pacifier.com>
Message-ID: <Pine.3.89.9604252347.A18926-0100000@netcom13>
MIME-Version: 1.0
Content-Type: text/plain




On Thu, 25 Apr 1996, jim bell wrote:

> At 01:53 PM 4/25/96 -0400, Jeffrey C. Flynn wrote:
> 
> >I received several responses to this question.  My favorite was as follows...
> >
> >>This is probably science fiction, particularly at the VHDL level.
> >>Maybe someone could make a crime of opportunity out of a microcode
> >>flaw, but there's a risk of it being found out during testing.
> >>
> >>To do it right would require collusion of the design and test teams.
> >>They need to ensure the back door stays closed, isn't tickled by
> >>"normal" testing and only opens when really requested. So a lot of
> >>people are in on the secret even before it gets exploited for
> >>nefarious purposes.
> >>
> >>And what nefarious purposes would pay for the risks and costs of this?
> >>If the secret got out, the design team, product line, and company
> >>would be dead in the marketplace and probably spend the rest of their
> >>lives responding to lawsuits. What could you use this for that is
> >>worth the risk?
> 
> This analysis seems to assume that the entire production run of a standard 
> product is subverted.  More likely,I think, an organization like the NSA 
> might build a pin-compatible version of an existing, commonly-used product 
> like a keyboard encoder chip that is designed to transmit (by RFI signals) 
> the contents of what is typed at the keyboard.  It's simple, it's hard to 
> detect, and it gets what they want.
> 
> Jim Bell
> jimbell@pacifier.com
> 
> 

This is getting more rediculous by the minute. If NSA wanted to find out 
what you were typing, they dont need to subvert microcode or chips on the 
board. Unless you have a tempest device - all they have to do is pull RF 
from your vicinty  and they can *see* just exactly what your typing.

>From the powerline, from the air - choose your poison.

...Paul

-------------------------------------------------------------------------

"Faced with the choice between changing one's mind and proving that there
 is no need to do so, almost everybody gets busy on the proof"

                                            -- John Kenneth Galbraith

"Success is attending a funeral as a spectator"

                                            -- E. BonAnno 

-------------------------------------------------------------------------







Thread