Silk Road forums

Discussion => Security => Topic started by: comsec on August 05, 2013, 11:41 pm

Title: Tinfoil compsci discussion: theoretical Intel and AMD backdoors + smartphone sec
Post by: comsec on August 05, 2013, 11:41 pm
http://www.eteknix.com/expert-says-nsa-have-backdoors-built-into-intel-and-amd-processors/

Statements like this were solidly considered tinfoil before Edward Snowden leaked that there were backdoors in HP products/Windows, and before Defcon last year where they presented how feasible and practical hardware backdooring of Intel CPUs is. Also before we found out about telecom carriers putting backdoors on SIM cards so they can OTA reprogram your internet stick to inject malware or give away your location. Also before we discovered backdoors in critical internet backbone routers and banking routers. There was also the revelation in 2007 that NIST had actually recommended an inferior PRNG algorithm on purpose as a backdoor, so that when combined with a secret skeleton key it can predict the RNs and unlock encryption: http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115

It would actually not be difficult for the NSA to do this. You have proprietary Intel and AMD microcode with crypto signatures to prevent tampering and plenty of undocumented instructions. Nobody can brute force what these unknown instructions are doing but they definitely exist we can see them while debugging. They could be simple update instructions for manufacturer control. Or they could be:

1. Not honoring NX bit
2. Messing with RNG
3. Dumping the entire state of the machine out to memory in SMI debug mode
4. Putting the machine into Ring 0

You could write obscure instructions that edits the right mask layers to access the microcode and patch your change in to do any of the above. Windows and OSX would be preferred deployment platforms since everything is hidden from the users anyways, but this is also possible in Linux/BSD. Once the hardware is backdoored there's no possible way you can protect it from userland when we have undocumented microcode and a long history of backdooring hardware, because creating a backdoor is much easier than breaking crypto or finding side channels. If this is true then all random number generation is useless if your adversary is the NSA.

This is:

A) Likely  B) Tinfoil  C) Unlikely because then NSA would be backdooring their own infrastructure (though they can use their own backdoors to patch the microcode to prevent any backdoors)

In other news, for a different project (which got me thinking about Intel backdoors) I've been reverse engineering Qualcomm basebands while attempting to secure smartphone devices, and discovered manufacturers are using GSM stacks from the 1990s and everything is running in ARM supervisor mode with no NX bit, therefore we have free reign to do anything like disabling the MMU. It would take a computer science student a couple of hours to figure out access to the interrupt vectors, injecting BKPT instructions and to pop the baseband stack to enable silent tracking or worse, figure out a way to jump out of the baseband processor and launch attacks on the application processor (or sim card) to steal voice and texts as a covert channel. The SIM cards are an obvious backdoor, since you have no control over carrier supplied cards running their own O/S and applications (and they are running tracking software which broadcasts ACK to type-0 silent SMS, giving away your location within 50m), but baseband operating systems like AMSS you'd think would not be so purposely feeble. The only answer is they want them to be feeble and this is a side channel backdoor.

thoughts? The only mitigation to this is using ARM processors only on open hardware boards like beagleboard until possibly they start installing backdoors too. They are afterall a multi billion dollar company, if MI6 approaches them on behalf of the NSA and says they won't be allowed to sell chips in the US anymore unless they comply to stop "terrorism" they'll bend over. Loongson Chinese CPUs would also prevent this, and probably why the Chinese wanted to develop their own CPUs because they know something is up with the Intel and AMD undocumented microcode. As for smartphones your only alternative is purchasing an expensive (EUR4,000) Cryptophone from GSMK that has a hardware baseband processor firewall to detect activity when the application CPU doesn't have activity, therefore something fishy going on and mitigation is deployed shutting down the GSM stack.