You can't defend against this. There is a lot of research going into detecting hardware trojans. In general, verifying that either hardware or software is (or is not) malicious in undecidable. We are even lacking in tools, short of exhaustive tests, for verifying that either hardware or software matches their specs.
The trusted computing group (TCG) standards are meant to address some of these issues. Unfortunately, it seems that TCG is being hijacked to enforce walled gardens and keep FOSS out of the market. On 06/15/2013 06:19 PM, Anthony Papillion wrote: > So we know the NSA is spying on the word. We know pretty much how they > do it and we know that at least part of that spying and data collection > is likely done by exploiting holes in software. We can fix that. We can > move people to better software, not rely on software from companies who > routinely turn over data, push open software, etc. > > But how do we handle hardware attacks? For example, what happens when a > chip maker, say Intel, collaborates with the government to allow access > to users systems from the chip level? How can we defend against this? > > Anthony > -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
