In fact, researchers at the University of Michigan haven’t just imagined that computer security nightmare; they’ve built and proved it works. In a study that won the “best paper” award at last week’s IEEE Symposium on Privacy and Security, they detailed the creation of an insidious, microscopic hardware backdoor proof-of-concept. And they showed that by running a series of seemingly innocuous commands on their minutely sabotaged processor, a hacker could reliably trigger a feature of the chip that gives them full access to the operating system. Most disturbingly, they write, that microscopic hardware backdoor wouldn’t be caught by practically any modern method of hardware security analysis, and could be planted by a single employee of a chip factory.
So they put microscopic hardware botnet into our macroscopic hardware botnet that runs software botnet? Nice.
Tyler Thomas
but really though, making your cpu using risc-v isa and an fpga is the only way to go. But good luck on doing anything useful on a cpu like that
Chase Phillips
>And they showed that by running a series of seemingly innocuous commands on their minutely sabotaged processor,
So they need to have physical access to the system first. This is fucking nothing.
Nathan Bell
You sound like a pussy
Ayden Anderson
Hey bro, how many layers of botnet are you on?
Carter Cook
Why? Most software on Linux is perfectly portable between ISAs.
Elijah Hall
because of the manufacturing process.. although then again even an fpga could be backdoored during manufacturing
Jeremiah Parker
That's one of the reasons Russians went back to typewriters in handling classified information.
Dylan Jones
but wait, how do you know the FPGA itself doesn't have a backdoor? sure that's fine if you want clock speed lower than the pitch of your voice. Real men run off their own processors in their own semiconductor fabs
Parker Smith
good thing i filled my tower with silicon based piranhas.
Jayden Watson
>but wait It's ok, it's ok, this is Sup Forums.
Tyler Sullivan
so it's only good for privilege escalation?
Evan Carter
>not leaving an open cum bottle inside to ward off CIA niggers
Jaxson Walker
>because of the manufacturing process Are you just saying that it would be too slow to do anything useful on? Depends on what you consider useful, I guess.
>although then again even an fpga could be backdoored during manufacturing Hardly. The exploit assumed knowledge of what gates were close to the appropriate fixed functionality in the CPU. You wouldn't be able to predict what gate would be used for the relevant function after soft synthesis of a CPU.
Josiah Sanchez
>only good for privilege escalation
Adam Ortiz
that's what you get when you design CPUs that allow instructions to be executed at ring -2 with higher privilege than, and completely unnoticeable by the OS
Nicholas Moore
I haven't read the article >And they showed that by running a series of seemingly innocuous commands on their minutely sabotaged processor, a hacker could reliably trigger a feature of the chip that gives them full access to the operating system. sounds like privilege escalation to me
Jordan Ortiz
>it's another episode about how fucked we are When will we change the channel
Brayden Ross
soon
Cameron Green
How much do you wanna bet little CIA niggers are already all over this, seized the documents and hired the researchers?
Ian Cooper
>deleted
Got too close to the truth?
Henry Rogers
>"only"
Joseph James
> wouldn’t be caught by practically any modern method of hardware security analysis, and could be planted by a single employee of a chip factory.
Thank god our CPU's are made in Israel.
Nolan Gonzalez
Processors are used not only on servers to store data, but also in critical places like early ICBM launch detection. In such places, Russia uses not only the processors they designed (and are therefore bug-free), but also afaik they make them in Russia. For less critical applications (many government servers), they use processors designed by them (such as Elbrus) but are made in Taiwan.
Wyatt Smith
>soviet/russian >bug-free
Pick one, and only one.
Ryder Powell
You're implying that Russia bugs their own CPUs whose users are mainly Russian government, Russian military, and Russian businesses that have a need for higher security?
Noah Gray
No, I'm implying that russians can't do bug-free if their lives depended on it.
Andrew Foster
This isn't nothing. Hardware manufacturers can do this.
Easton Gray
Oh, and burgers can?
Any complex piece of software that does something worthwhile will always have bugs you fucking retard.
Aiden Peterson
Russians are particularly bad at it, though.
Julian Bell
>yfw they put backdoor in the FPGA and program in a backdoor into your ISA on the fly
Logan Green
Soviet knockoff CPUs were often improved upon by the soviet engineers (some of the best in the world at the time), and soviet 8086 clones are some of the best ever made
Joshua Garcia
Yeah its the jews' CPU over the goyim CPU. The story of the world again and again.
Ian Bennett
> they’ve built and proved it works. They've also proved it's possible to steal data from airgapped machines with gigantic microphones.
This boils down to "some employee can modify chips to be hackable!" which, no fucking shit? That's like saying "The guy who makes locks can make an easily defeated lock!"
Camden Gomez
Open source hardware when? This shit is getting ridiculous.
Charles Martinez
When it becomes economically viable vs. intel/amd/arm/whatever big corporate. Which would be right after economically viable fusion powered flying cars.
William Baker
>NSA tells Intel to put hardware backdoors into all their chips >entire globe can now be spyed on by the U.S. government
Juan Perez
fowardcom ISA is also a possibility. Agner Fog was one of the creators.
Robert Thomas
>but wait, how do you know the FPGA itself doesn't have a backdoor? How exactly could you do that? To secretly interface with the internet through an FPGA, which could have any combination of circuits on it, seems like it would be difficult.
Robert Murphy
>not soldering your own cpus
Jeremiah Wilson
>not mining all materials you need and then redoing the whole manufacturing process from stone age to today tech level (all the while hunting fat niggers for sustenance so you don't waste time farming/gathering)
Justin Bell
>best Internet in Poland is 1Gb/100Mb I hope shit gets better before my current contract ends.
Alexander Adams
...
Jordan Smith
I heard you liked botnets so we put a botnet on your botnet so your botnet can run a botnet on its botnet
Robert Carter
I wouldn't be surprised if russian security agencies were bugging the government's shit to spy on the other agencies
Hudson Smith
>tfw the universe is a neverending chain of botnet within botnet within botnet
>the processors they designed (and are therefore bug-free)
Brandon Russell
Russian culture is very pro-self over pro-country and would definitely engage in that kind of behavior. I doubt they switched all of their systems to typewriters, but for really secure stuff even the FBI/CIA/NSA use paper only.
Robert Davis
Wouldn't help if someone at the chip fab altered the design at manufacturing time.
Adrian Peterson
If it's open source you can just manufacture it in your home fab unit.
Justin Allen
>needs to be done by an employee so worthless piece of shit
Wyatt Parker
I, too, want to return to the days of computes the size of industrial refrigerators.
Grayson Ortiz
I'm going to start using my fucking IBM ThinkPad 340 from 199-bastard-4 with a 50 Mhz IBM made CPU if this shit keeps going.
Hudson Long
And Stallman thought it was about the Software.
In the end, what use is it to run an OS that doesn't control you when the CPU controls the OS?
Zachary Davis
>dub dubs Nice. >a hacker could reliable trigger a feature of the chip that gives them full access to the operating system Is this "feature" intel ME (and its AMD equivalent) or is it something else?
Nolan Jones
They can enable the weakness but someone still has to have access to your computer to take advantage of it.