Hiding Backdoors In Hardware 206
quartertime writes "Remember Reflections on Trusting Trust, the classic paper describing how to hide a nearly undetectable backdoor inside the C compiler? Here's an interesting piece about how to hide a nearly undetectable backdoor inside hardware. The post describes how to install a backdoor in the expansion ROM of a PCI card, which during the boot process patches the BIOS to patch grub to patch the kernel to give the controller remote root access. Because the backdoor is actually housed in the hardware, even if the victim reinstalls the operating system from a CD, they won't clear out the backdoor. I wonder whether China, with its dominant position in the computer hardware assembly business, has already used this technique for espionage. This perhaps explains why the NSA has its own chip fabrication plant."
Re:Lojack for Laptops... (Score:5, Funny)
I'm not sure that's a good example of a sentence...
Re:Undetectable? (Score:1, Funny)
OMG, but what if THAT machine is infected, too?!
Re:The NSA (Score:4, Funny)
If the NSA broke in and stuck a small device into an empty PCI slot in your computer, would you notice?
Now here's a good reason to use an iPad or macbook.
Re:Undetectable? (Score:3, Funny)
Then you need a turtle.
Re:proprietary firmware (Score:3, Funny)
Yours is probably the best post I've read in a month.
Re:Not bad but.. (Score:4, Funny)
The magic words are "this will make it faster"