Well I wonder how he would feel after a paper was released this month showing that you can change the logic gates of a microprocessor by changing the doping of transistors. Such changes, the trojan, would not be visible (functionaly or optically) and the underlying circuitry would be unaffected. As Brucie suggests one of the best things to do with this is attack the random number generator (RNG) by lowering the entropy of random numbers. Random numbers underpin modern cryptography and should they become predictable then all security is lost.

Oh so what about that stuff with micro-code? Tbh I don’t know, the more I learned the more dangerous it seemed. Here is an excerpt from another article:

But Intel’s biggest security feature may lie in keeping the technical
details behind its BIOS Update technology a closely guarded secret. “There is
no documentation,” said Frank Binns, an architect in Intel’s
microprocessor group. “It’s not as if you can get an Intel ‘Red Book’
with this stuff written down. It’s actually in the heads of less than 10
people in the whole of Intel.

Interesting,  this thing [levels of encryption within the processor that prevents malicious encrypted microcode updates] is known by a few people at Intel and bunch of people over at the NSA, a fair assumption given current revelations — I wish they’d tell me where I left my coke!

The post Paranoia deepens for security people as hardware trojans cloak appeared first on GL.IB.LY.