On Sun, 2013-06-16 at 11:54 +0200, Guido Witmond wrote: > On 16-06-13 04:12, Waitman Gobble wrote: > > On Sat, 15 Jun 2013 17:19:14 -0500, Anthony Papillion > > <anth...@cajuntechie.org> wrote: > >> > >> But how do we handle hardware attacks? For example, what happens when a > >> chip maker, say Intel, collaborates with the government to allow access > >> to users systems from the chip level? How can we defend against this? > >> > > Unless it's tamper resistant hardware, there is always the electron > microscope to verify the chips itself. It's a big job but could be an > ongoing graduation project at a few universities in > China/Russia/Iran/Iraq. I bet they love to present the evidence of > tampering in an Intel processor.
Let's say we could fully automate the process of converting an an electron microscope image of the >1B transistors on a recent Intel CPU to about a billion lines of Verilog "source code". Let's divide that by a generous factor of 50 to account for a lot of this being highly repetitive patterns like cache. Now we simply have to audit 20 million lines of source code. Given that we're hopelessly bad at auditing the millions of lines of source code we already have, this seems like a doomed process. That's before we even start to consider any of the ways that Intel could obfuscate the process. Bear in mind that Intel can't even fully verify their own designs, despite having complete access to the design. This is how we get things like the Pentium FDIV bug, which is only the most famous of the thousands of bugs discovered in their CPUs. And yes, a bunch of those bugs have been remotely-exploitable security holes: https://encrypted.google.com/search?q=intel+cpu+security+errata (One could argue that the NSA doesn't need Intel to backdoor their CPUs because Intel is already doing that by accident on a regular basis.) -- Mathematics is the supreme nostalgia of our time. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
