K.S. Bhaskar on 4 Oct 2018 11:16:05 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies


Because of the wide variety of operating systems (even wide variety of Windows flavors), it would be pretty hard for such a chip to reliably make changes. Observe, yes, change maybe not. It could theoretically target the Minix management engine, but to do that it would have to be on-chip, unless there is a specific stream of data for updating that engine that this looks for. If anything, it would have to be part of an attack, such as (a) compromise a system with malware, (b) get malware to talk to spy chip (which can observe things the malware cannot). Or something like that…

Regards
– Bhaskar

On Thu, Oct 4, 2018 at 1:25 PM Rich Freeman <r-plug@thefreemanclan.net> wrote:
On Thu, Oct 4, 2018 at 1:13 PM K.S. Bhaskar <ksbhaskar@gmail.com> wrote:
>
> Label me sceptical till I understand where such a chip should be incorporated into a circuit to allow OS modifications.
>

Wouldn't this be possible for anything on the PCIe bus?  Presumably it
can just directly access either RAM or the hard drives or the ethernet
controller.

I'm not sure if typical x86 hardware+OS uses IOMMU to protect against
something like this.

I'd be skeptical but Bloomberg is pretty reputable.

You couldn't just stick it in a keyboard cable though.  It would
obviously have to attach to a bus of some kind with sufficient access.

--
Rich
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug