Profile cover photo
Profile photo
Ronnie Bermejo
697 followers -
Multi-distracted Software Engineer.
Multi-distracted Software Engineer.

697 followers
About
Ronnie's posts

Post has attachment
Photo

Post has attachment
Photo

Post has attachment
Oops 
Photo

Post has attachment
The most original band ever ..

All is about time.
- even dreams are made of it-

Post has attachment
+1

Post has attachment
Soy el muchacho chicho
de la pelicula gacha
me como la lumbre a puños
y ustedes les doy la bacha.

Soy el sueño dorado
de todas las muchachas/gabachas.
Y hasta dos tres galanas ..
me quieren dar las nachas.

Post has shared content
This is the most demonically clever computer security attack I've seen in years. It's a fabrication-time attack: that is, it's an attack which can be performed by someone who has access to the microchip fabrication facility, and it lets them insert a nearly undetectable backdoor into the chips themselves. (If you're wondering who might want to do such a thing, think "state-level actors")

The attack starts with a chip design which has already been routed -- i.e., it's gone from a high-level design in terms of registers and data, to a low-level design in terms of gates and transistors, all the way to a physical layout of how the wires and silicon will be laid out. But instead of adding a chunk of new circuitry (which would take up space), or modifying existing circuitry significantly (which could be detected), it adds nothing more than a single logic gate in a piece of empty space.

When a wire next to this booby-trap gate flips from off to on, the electromagnetic fields it emits add a little bit of charge to a capacitor inside the gate. If it just happens once, that charge bleeds off, and nothing happens. But if that wire is flipped on and off rapidly, it accumulates in the capacitor until it passes a threshold -- at which point it triggers that gate, which flips a target flip-flop (switch) inside the chip from off to on.

If you pick a wire which normally doesn't flip on and off rapidly, and you target a vulnerable switch -- say, the switch between user and supervisor mode -- then you have a modification to the chip which is too tiny to notice, which is invisible to all known forms of detection, and if you know the correct magic incantation (in software) to flip that wire rapidly, will suddenly give you supervisor-mode access to the chip. (Supervisor mode is the mode the heart of the operating system runs in; in this mode, you have access to all the computer's memory, rather than just to your own application's)

The authors of this paper came up with the idea and built an actual microchip with such a backdoor in it, using the open-source OR1200 chip as their target. I don't know if I want to guess how many three-letter agencies have already had the same idea, or what fraction of chips in the wild already have such a backdoor in them.

As +Andreas Schou said in his share, "Okay. That's it. I give up. Security is impossible."

Post has attachment

Post has attachment
Photo
Wait while more posts are being loaded