On 19 September 2013 16:52, Rob Myers <r...@robmyers.org> wrote: > On 18/09/13 11:07 PM, James Morris wrote: > > On Sep 19, 2013 2:12 AM, "Rob Myers" <r...@robmyers.org > > <mailto:r...@robmyers.org>> wrote: > >> > >> "Scientists have developed a technique to sabotage the cryptographic > >> capabilities included in Intel's Ivy Bridge line of microprocessors. The > >> technique works without being detected by built-in tests or physical > >> inspection of the chip." - > >> > > > http://arstechnica.com/security/2013/09/researchers-can-slip-an-undetectable-trojan-into-intels-ivy-bridge-cpus/ > >> > > > > presented as scary stuff. but extremely easy top detect by software. > > prng ffs! > > Just have it fail after a certain date or in response to a particular > message, then. ;-) > > Well that would be an additive modification rather than subtractive - quite a large leap from a reduction in bits which is what this is. But what I'm getting at is what makes it useful to a hacker also allows it to be detected: if keys can be extracted then we detect it ;-p
http://en.wikipedia.org/wiki/Random_number_generation#Practical_applications_and_uses > Also: > > "In addition to the Ivy Bridge processor, the researchers applied the > dopant technique to lodge a trojan in a chip prototype that was designed > to withstand so-called side channel attacks. The result: cryptographic > keys could be correctly extracted on the tampered device with a > correlation close to 1. " > > Same again, if we can extract keys we detect it. The article fails to acknowledge the possibility of software detection in order fear monger. As well as simulating attacks, unit testing would be another possibility. I just don't think this is as undetectable as the article tries to make out. http://en.wikipedia.org/wiki/Unit_testing But I don't really know. James.
_______________________________________________ NetBehaviour mailing list NetBehaviour@netbehaviour.org http://www.netbehaviour.org/mailman/listinfo/netbehaviour
