# China-made US military chip has security backdoor



## micropage7 (May 31, 2012)

Researchers at Cambridge University have found that a microprocessor used extensively by the US military contains a backdoor built into the design allowing the chip to be reprogrammed. The chip is used in many systems including weapons, nuclear power plants and public transport. The "bug" is in the chip itself rather than the firmware, the only “fix” would be replacement.

Sergei Skorobogatov of Quo Vadis Labs at Cambridge University said of his backdoor discovery “Our aim was to perform advanced code breaking and to see if there were any unexpected features on the (US Military) chip. We scanned the silicon chip in an affordable time and found a previously unknown backdoor inserted by the manufacturer. This backdoor has a key, which we were able to extract. If you use this key you can disable the chip or reprogram it at will, even if locked by the user with their own key. This particular chip is prevalent in many systems from weapons, nuclear power plants to public transport. In other words, this backdoor access could be turned into an advanced Stuxnet weapon to attack potentially millions of systems. The scale and range of possible attacks has huge implications for National Security and public infrastructure.”

It sounds very serious and a bit like the Die Hard 4 plot theme but to exploit the backdoor would “require a Mission-Impossible break-in to the afflicted site and hardware, probably carrying a reasonable amount of special equipment with you.” Says Alec Muffet at ComputerWorldUK. In other words you have to be able to physically connect some equipment to the chip/system to re-program it.





When considering the question of who put the backdoor in the chip, it was not necessarily the Chinese. The backdoor may well have been in the original chip design, put there as a debugging tool by the designer. Errata Security actually say that backdoors are common, rarely malicious and the possible Chinese subversion, because they manufactured the chip, is only improbable speculation. In addition the chip vendor Microsemi/Actel could helpfully issue a statement to clear up if they knew about this chip feature and if it’s part of the design.

Skorobogatov thinks his discovery illustrates a big problem in chip manufacture “The discovery of a backdoor in a military grade chip raises some serious questions about hardware assurance in the semiconductor industry.” After reading about the highly targeted Flame espionage virus yesterday, to learn that some important military utilised processors have such vulnerabilities is worrying.
http://hexus.net/tech/news/cpu/40037-china-made-us-military-chip-security-backdoor/


----------



## FreedomEclipse (May 31, 2012)

yeah..... In other words If china attacks - it doesnt matter about ammunition as most of it is already located in the U.S armouries! 

China - 1 - U.S - 0


though that would be quite a bad loss for the U.S if the U.S could have their own hi-tech weapons used against them in a bitter twist of fate.

then again terrorists could get hold of the blueprints too and hijack the chinese invasion for their own wars and ideals


----------



## ShiBDiB (May 31, 2012)

> In other words you have to be able to physically connect some equipment to the chip/system to re-program it.



/thread

Fear mongering attempt FAIL (ur source not u)


----------



## GSG-9 (May 31, 2012)

The NSA has divisions dedicated to testing chips. I am not saying they are infallible, but I bet most of the time THEY know what the vulnerabilities are when they pick a product.


----------



## Arctucas (May 31, 2012)

I, as an American taxpayer, would like to know why our military is buying chips from China?

For the amount of money our military spends, I am sure there are many American companies more than capable of producing chips here in the U.S.


----------



## AsRock (May 31, 2012)

Arctucas said:


> I, as an American taxpayer, would like to know why our military is buying chips from China?
> 
> For the amount of money our military spends, I am sure there are many American companies more than capable of producing chips here in the U.S.



because it's cheaper LMAO.


----------



## micropage7 (Jun 1, 2012)

AsRock said:


> because it's cheaper LMAO.


yeah, maybe thats the reason since most stuff comes from china tagged in low price
so with the same money you gonna get more


----------



## Arctucas (Jun 1, 2012)

AsRock said:


> because it's cheaper LMAO.



...like the poison dog food and toothpaste from China a few years ago?

No thanks, would I prefer American products made by Americans in America.


----------



## Inceptor (Jun 9, 2012)

Do you think that the PCs in the Pentagon and other US government departments are custom made, in the US, with American made components?
Come on now.  They have to buy from the same companies everyone else does, they just make sure there are no security concerns with the hardware involved (motherboards being the prime example).  It must be expensive to do an analysis of a motherboard to find out if all the component chips are 'safe', not to mention all the other hardware components.


----------



## Dippyskoodlez (Jun 9, 2012)

ShiBDiB said:


> /thread
> 
> Fear mongering attempt FAIL (ur source not u)



Until you factor in stuff like FLAME.

Not as big of an issue for what is likely *MOST* of the chips... but you get the right few... and shit hits the fan. Better to not have these exist, than to assume they won't be used. Too many possibilities.  If the hardware is out of positive control at any time, it may be considered compromised.


----------



## AsRock (Jun 9, 2012)

micropage7 said:


> yeah, maybe thats the reason since most stuff comes from china tagged in low price
> so with the same money you gonna get more



Well lets face it most things have some kind of backdoor to them.



Arctucas said:


> ...like the poison dog food and toothpaste from China a few years ago?
> 
> No thanks, would I prefer American products made by Americans in America.



America cannot afford shit from china never mind America..  Like shit i like in PA were heinz beans started and shit i have to go to the British shelf in the shop to get them lol.

For example if made in America it's typically more expensive than getting it done in another country..  What makes this even worse prices rise in the US so these other country's have to make that item even more cheaper.

So it's not the other country's at fault it's this country ( others to like the UK ).


On subject if i was living in China and some one asked me to make a chip that control nukes that could blow me up one day shit i  put a back door in that fucker without a second thought. Even if it was for the country i lived in their be a back door has their has to be some kind of fail safe.


----------



## Mussels (Jun 9, 2012)

well they need physical access to the chips to reprogram them, meaning they'd need a saboteur there in the first place. i find this unlikely.


that said, good that the flaw was found, and bad hardware can be replaced.


----------



## Peter1986C (Jun 9, 2012)

micropage7 said:


> In other words you have to be able to physically connect some equipment to the chip/system to re-program it.





ShiBDiB said:


> /thread
> 
> Fear mongering attempt FAIL (ur source not u)





Mussels said:


> well they need physical access to the chips to reprogram them, meaning they'd need a saboteur there in the first place. i find this unlikely.
> 
> that said, good that the flaw was found, and bad hardware can be replaced.



I concur. I suppose that bombing military facilities is a better and more used strategy than trying to infiltrate it (guessing that it is too much a risk for the men sent in and not worth it).


----------



## Easy Rhino (Jun 9, 2012)

this was proven false. there is no feasible way for china to use the chips they manufactured to do anything at all. stop reading reddit.


----------



## Wrigleyvillain (Jun 10, 2012)

Easy Rhino said:


> stop reading reddit.



Haha.

Yeah I found this hard to believe. Shit like this is the exact reason China designed and manufactured their own CPU. They don't trust ours.


----------



## ViperXTR (Jun 10, 2012)

All your base are belong to us.  You are on the way to destruction.


----------



## GC_PaNzerFIN (Jun 11, 2012)

Good luck getting in a F-22 raptor with EEPROM flash device and finding the chip you want to reflash. Might aswell hit it with hammer, much quicker way to disable it.

Military loves reprogrammable FPGAs and microcontrollers for obvious reasons. It is well known that they aren't 100% secure, but hey it is quite unlikely your enemy has time to take your radio, reflash it, give it back to you and then shoot you.


----------



## rectifryer (Jun 12, 2012)

The real issue here is that people are always trying to point out military "weaknesses" of the USA.  I find that interesting.


----------

