Windows 7 Forums


Windows 7: Security researchers create undetectable hardware trojans


18 Sep 2013   #1

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 
Security researchers create undetectable hardware trojans

Bad News if Malware writers learn the techniques!

Quote:
Security researchers create undetectable hardware trojans

Method can be used to weaken hardware random number generators used for encryption

By Jaikumar Vijayan
September 17, 2013 04:15 PM ET

Computerworld - A team of security researchers from the U.S. and Europe has released a paper showing how integrated circuits used in computers, military equipment and other critical systems can be maliciously compromised during the manufacturing process through virtually undetectable changes at the transistor level.

As proof of the effectiveness of the approach, the paper describes how the method could be used to modify and weaken the hardware random number generator on Intel's Ivy Bridge processors and the encryption protections on a smartcard without anyone detecting the changes.

The research paper is important because it is the first to describe how someone can insert a hardware trojan into a microchip without any additional circuitry, transistors or other logic resources, said Christof Paar, chairman for embedded security, Department of Electrical Engineering and Information Technology at Ruhr University in Germany.

Hardware trojans have been the subject of considerable research since at least 2005 when the U.S. Department of Defense publicly expressed concerns over the military's reliance on integrated circuits manufactured abroad, Paar said.

Often, the individual circuit blocks in a single microchip are designed by different parties, manufactured by an offshore foundry, packaged by a separate company and distributed by yet another vendor. This kind of outsourcing and globalization of chip manufacturing has led to trust and security issues, the paper noted.
see full two page report


18 Sep 2013   #2

Desk1 8 Pro / Desk2 7 Home Prem / Laptop 8.1 Pro all 64bit
 
 

Hmm, sort of makes you wonder how much we are being watched, if you are really cynical and suspicious as I am, Night Hawk. For all I know the CPU or whatever in this machine could be downloading stuff right now.
18 Sep 2013   #3

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 



18 Sep 2013   #4

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x86 Service Pack 1 - Linux Mint Mate 14 x64
 
 

Quote: Originally Posted by A Guy
That blog is linked within the main article of this thread too

So basically, the hardware trojan is able to alter the CPU logic gate, so it interprets (I'm guessing Assembly code) any instructions given and translates them differently into machine code (1's and 0's).
18 Sep 2013   #5

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x64 SP1
 
 

Quote: Originally Posted by x BlueRobot
That blog is linked within the main article of this thread too
I know, but it had already been posted here

A Guy
18 Sep 2013   #6

Windows 7 Pro. 64/SP-1
 
 

I always wondered if Chinese-made hardware came with such hardware infections.
I was hoping that when Intel bought McAfee one of the reasons was to help with this kind of problem.
18 Sep 2013   #7

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 

When you think about trojans in hardware, and a lot of technology is imported from China, is it any wonder how a group of people could slip past corporate security? In retrospect another article on just was also seen.

Quote:
China-based hacking group behind hundreds of attacks on U.S. companies

Hidden Lynx hacking-for-hire group more sophisticated than others, including using malware targeting zero-day flaws, Symantec says

By Jaikumar Vijayan
September 17, 2013 07:45 PM ET

Computerworld - A group of between 50 and 100 professional hackers operating out of China has been systematically targeting businesses, military and government agencies around the world since at least 2009, security vendor Symantec said in a report released on Tuesday.

The group, called Hidden Lynx, is believed connected to the Operation Aurora espionage campaign of 2010 in which dozens of major companies, including Google and Microsoft, were targeted.

More recently, Hidden Lynx was associated with an attack on security vendor Bit9 earlier this year, and also with numerous "watering hole" attacks against hundreds of organizations in the United States.
see full report

It makes you wonder what's next when software protections are ineffective due to the recoding of the preprogramming flashed on ROM chips and other things. Essentially we are seeing the opening up of a new frontier for malware writers, hackers, etc. Just imagine getting into your next build and the CPU you get from Malaysia or elsewhere is uploading your credit information!

You would be wondering: "How could this happen? I haven't even ordered anything online yet with this new build!" Or let's say you suddenly find a new build is being controlled remotely while the remote desktop feature is known to be disabled. Talk about "bugs" with new hardware! You would be scratching your head wondering what was going on if you did happen to notice something odd was happening.
19 Sep 2013   #8

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x86 Service Pack 1 - Linux Mint Mate 14 x64
 
 

BIOS infections have been around for a while though.
19 Sep 2013   #9

Windows 7 Ultimate x64, XP Mode, W8.1 Preview VM - 7 Pro x64 second remote tower
 
 

Agreed! I couldn't agree with you more on that.

The potential problems now, however, would be seeing malicious coding affecting a much wider range of hardware and not being limited to an EPROM where you could simply reflash the BIOS with the latest update and be right back to where you started off.

This unfortunately opens new types of doors for trashing PCs and disrupting businesses as well as personal systems. What if your LAN wakeup call ends up seeing a smiley face displayed while you are locked out of everything else, for example, due to a code change on one or more things?

As technologies and system protections progress over time, so it seems the malware and malicious coding have also had to keep up. And now there's a new way to gum up the works? "How do you run an AV/antimalware program on your hardware?" will be the next big question to come along if this becomes a reality out in the real world as far as seeing any of this type of thing implemented.
20 Sep 2013   #10

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium x86 Service Pack 1 - Linux Mint Mate 14 x64
 
 

They will need to design some general tool for detecting malicious code in BIOS chips, and anything else which may use EPROM/PROM. As long as security improves, the malware will improve.