So, we the people are putting up $25B to help our semiconductor businesses. Great, if it works. Now all we need is a decently managed company to put that cash to good use.
Can you describe more or point to some papers that suggest how this is possible? I don't see how a fab that receives only mask sets could possibly add a trojan to a CPU, but obviously just because I don't know how it could be done that others don't.
I'm sure than some years ago I peeked at a white paper made by IBM about a fab being able to add an extra metal layer with a malicious embedded ROM into an existing design, so keeping the supply chain under watch is also quite important if you're into secure computing. You may have to try to find it yourself, as I failed to google it.
The US needs to have better general education standard. The emphasis need to be on critical thinking, logical reasoning and scientific methodology with data driven analysis. More emphasis on the STE field. More emphasis on vocational school.
The papers I am aware of are GOMAC papers and unavailable for the public, if I have time I'll try to look up public viewable papers.
ehume
Golden Member
- Nov 6, 2009
- 1,511
- 73
- 91
Probably a place where they would be speaking German or Japanese, but for the deaths of Americans.
VirtualLarry
No Lifer
- Aug 25, 2001
- 56,570
- 10,204
- 126
But then... people might learn to question their gov't! Can't have people like that, coming out of the gov't education system, can you?
Any chips that end up in servers undergo pretty rigorous testing by those that ordered them (or manufactured them in the case of Intel).
You would not be able to sneak such a thing under the RADAR as it were without insider help from that vendor.
Starting with adequate funding for schools so that teachers need not pay for classroom supplies out of their own pocket would be a fine start - the problems are clearly bone deep in that education system, from budget to syllabus.
This is not true and there is research out there in trying to figure out new methods of testing chips to determine if chips have been altered or additional circuitry added. Part of this could be adding additional circuitry for hardware security.
A few extra wires in a metal layer connecting to a ROM could not compromise the security of a processor unless you had intimate knowledge of the actual uArch you were trying to circumvent.
In any case it would have to be more than just a memory ROM, it would have to comprise of at least some logic circuitry as well.
As for it "not being true" - exactly how versed are you on the post fab testing procedures of AMD or Intel to be able to make that determination?
Again, without significant penetration into said vendor company you could not even be sure that such a hardware patch/hack had not been detected - the first failure would result in your 'mole' being identified within the fab production pipeline.
I have not worked for AMD or Intel so I can't speak to their specific testing practices, but I am familiar with industry standard testing and the holes that are in them for malicious actors to use as attack vectors. There have been successful proof of concept attacks which are able to extract information out of ICs undetected by standard testing methodology, similar to side channel attacks. There also exists the potential to rapidly degrade or interfere with the IC functionality mid operation. In consumer electronics this isn't as big of a concern, but ICs used in the defense industry or for things like self navigating vehicles, it's a big concern. There haven't been any successful instances of this happening that I am aware of, but that doesn't mean the potential and concern isn't there.
moinmoin
Diamond Member
- Jun 1, 2017
- 5,212
- 8,378
- 136
I'm scratching my head over the supposed fear that hardware is being manipulated without anybody's knowledge, all while it's already comparatively very easy to manipulate microcode, firmware, BIOS and hidden systems like Intel's Management Engine and probably also AMD's ARM based controller (for Secure Processor and likely a lot of other functionality) without anybody's knowledge since those parts usually can be manipulated at any time later as well.
As far as we know this is a worry that "someone might do this" or "if we are paranoid we have to expand resources to figure out a way to verify it was not done", not something that's actively being done. The TLAs are extremely paranoid - its basically their job to be paranoid.
I would be extremely surprised if the military do not go somewhat beyond the standard means in these matters - they do not use half measures, or even full measures.
They use processes that are currently simply not viable economically for the regular semiconductor industry due to the expense (III V transistor materials etc) - due to the lesser quantity of such orders it would not at all surprise me to find that they have a more direct supervision and security of such manufacturing.
As for autonomous vehicles, I think that the more wild west set up we currently see will make it difficult for any given attack to work as their are multiple manufacturers all using different solutions.
A more concerning problem than the fabs would be the wrong company making an SoC for autonomous cars and somehow placing such a hack as you describe into ARM's synthesizable core designs, or otherwise at the SoC level - after all, the fab is just the one making the product, the vendor/designer is the customer and they are not likely to raise an issue if something looks wrong.
Education is the only way. It's been on a downhill slide for a few decades now. An incident a couple decades ago may help illustrate the point. The company I was working for at the time was desperate for engineers. They offered to buy the local university, community college and high school state of the art labs, and pay for further education of the teachers towards engineering specialties. Every single one of them flat out refused to take the money.
How many kids lost great opportunities because of this lack of vision? The schools didn't want to make more 'wage slaves' to paraphrase their responses. So bartenders with a Masters in ancient Roman Lit are better equipped for modern life?
How many kids lost great opportunities because of this lack of vision? The schools didn't want to make more 'wage slaves' to paraphrase their responses. So bartenders with a Masters in ancient Roman Lit are better equipped for modern life?
DOD will use the same type of CMOS processes as the commercial industry for many of their applications. Circuits made with III-V transistors aren't really used for digital circuits that I'm aware and are used more for power electronics and MMICs. They have a trusted foundry program that must be used for many of their projects but the trusted foundry program is at risk with the elimination of US based fab companies and fewer and fewer advanced node fabs being built in the U.S. This is where the concern pops up.
For the rest, there are many attack vectors in the IC supply chain that are a concern, I was just responding to a post saying that manipulation at the fab isn't a concern which I know directly isn't true.
There's no helping America since no one there is actually serious about logic fabrication and even Intel treats that sector like some sort of joke. Just goes to show anyone how truly feckless the American public really is ...
How could America fail so badly that Intel who is 10x bigger than SMIC found themselves neck and neck with each other despite the fact the latter is getting sanctioned ? Hopefully, silicon valley and it's high-tech sector will die out so that Americans can get a clue of what's happening behind them ...
Mediocre engineers are a dime a dozen. You're not even close to being guaranteed a job in the field just because you graduated university. Many end up doing something else. If companies want more competent engineers, they need to pay more to attract smart people into the field just like they love to do with sales. Far too many opportunities in the US service sector outside of STEM that pay just as much or more than engineering.
ehume
Golden Member
- Nov 6, 2009
- 1,511
- 73
- 91
My dad was born in 1922. He told me 'Engineers like work. Salesmen like money. So they give the engineers work and the salesmen money.'
DrMrLordX
Lifer
- Apr 27, 2000
- 22,583
- 12,464
- 136
The US needs better pay for STEM workers in general. Instead, most corporate policies over the last 20 years have been aimed at lowering STEM pay and marginalizing its workers.
Dunno why you're saying that to me, when I was replying to something saying something very different . . .
Last edited:
I would drop the M part of the acronym. That M side have been grossly overvalued.
I still say education is the key. Even mediocre engineers are okay if they can keep an open mind and keep on learning. Also not everyone can be a star engineer, just like a master machinist is only a small section of machinist while the rest are made of apprentices and journeymen.
Teaching needs to be more appreciated, especially on the higher education. Not every university has to be a research university. From my personal experience when universities chases research dollar, the teaching part suffers.
When I was in grad school I had two young professors that was only recruited a couple of years before. One is brilliant guy, brings research grants but can't teach. With a little more experience in teaching and more industrial experience he might become a better teacher. The other new professor is a smart guy, excellent teacher that always challenge our ability but can't get a grant. Guess which one got the boot the next year?
True. Academic excellence these days has been turned into a disgusting pursuit of grants and citations.
Actual leadership in the long term requires much more than this.
All those mediocre engineers who graduate need a job where they can bolster that learning with real world experience. That's how they become good, and a few eventually become great engineers.
The problem in the US isn't education, it is companies who save a buck by offshoring basic engineering tasks. That makes it harder for engineering graduates to get that first job where they will gain that experience, and lowers the salaries being offered to them. That's why some engineering graduates end up doing something else for more money. That's not a problem specific to engineering, it is true in a lot of fields in the US.
When college graduates in serious fields like engineering, computer science, accounting and so on can make more money working 40 hours a week as a waitress or bartender earning tips there's clearly something wrong with the economic incentives in the US economy. I think the average person believes that's only possible for someone who majors in a field known to be low paying like a major in social work or have limited career prospects like majoring in history. Maybe that was the case 20-30 years ago, but no longer.
Paying less for offshore engineers to do your work than hiring college grads makes sense in the short term but not in the long term if that company will want to hire experienced engineers in the future. Working as a waitress instead of taking a lower paying job in your field makes sense in the short term but not in the long term for that person if they want a career in that field.
You mean like all those hardcoded passwords in enterprise Cisco routers that were sleeping there for years? And we're dealing with something Software-level, which would be easier to reverse engineer and audit than say, decapping a chip to read an embedded ROM, which would be required to actually audit a chip. So no, I don't believe than your "rigorous testing" that can't detect Software (Including Firmware) level security risks would even bother to physically analyze a chip to see whenever it was compromised at either design or manufacturing stages. More so an entire computer with dozens of them. You either blindly trust your vendor products or have your own well geared department that is capable of audit them, and I doubt that there are a lot of people that can do the latter considering the amount of tools and time that you would need...
Are you kidding me? A malicious embedded ROM that gets read before the actual Firmware could do something like creating a SGX enclave, a SMM handler, or other extremely low level stuff that could make it hard to detect Software side or otherwise be completely unstoppable, because such malware can be active even before full Processor initialization and be a physical part of the Processor itself. It means that you have to throw the compromised Processor away.
You don't need that much of intimate knowledge of the architecture to make use of a malicious embedded ROM. I mean, everyone knows what is the first physical address than a x86 Processor reads, which is where the ROM with the Firmware has to be mapped, and the rest of the features should be covered pretty well in any Developer's Manual. You just need an embedded ROM that is mapped there, then unmaps itself and maps the regular SPI Flash ROM so that it does it thing then let the system boot transparently. Voila, permanent Hardware rootkit. And reasons like that is precisely why is dangerous if you can't trust the manufacturer of your chip.
Like I said, unless you have someone embedded at the vendor - almost certainly the NSA/CIA did indeed have such a person in place for precisely this reason.
Or worse and a significant portion of the company engineering and/or administration was in league with those govmt agencies.
As we know from the multitude of security fracas in the last 2-3 years, SGX is far from as secure as Intel claimed or supposed it to be - whether due to intrinsic problems with the system or the underlying security faults of the uArch it simply was not fit to purpose.
Ironically was held up by the UHD Bluray Association as the paragon of PC security to play UHD Bluray discs on - still no apology from them to AMD since the holes in SGX were discovered.
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 24K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes Discussion Threads
- Started by Tigerick
- Replies: 20K
-
-
-
Facebook
Twitter