Arthur T Knackerbracket has processed the following story:
A Chinese industry group has accused Intel of backdooring its CPUs, in addition to other questionable security practices while calling for an investigation into the chipmaker, claiming its products pose "serious risks to national security."
The Cybersecurity Association of China (CSAC), in a lengthy post on its WeChat account on Wednesday described Intel's chips as being riddled with vulnerabilities, adding that the American company's "major defects in product quality and security management show its extremely irresponsible attitude towards customers."
The CSAC also accused Intel of embedding a backdoor "in almost all" of its CPUs since 2008 as part of a "next-generation security defense system" developed by the US National Security Agency.
This allowed Uncle Sam to "build an ideal monitoring environment where only the NSA is protected and everyone else is 'naked,'" the post continued. "This poses a huge security threat to the critical information infrastructure of countries around the world, including China," the industry group claims.
The infosec org also recommends the Cyberspace Administration of China open an investigation into the security of Intel's products sold in the country "to effectively safeguard China's national security and the legitimate rights and interests of Chinese consumers."
[...] The calls for a government investigation into the American chipmaker follow a series of accusations from the White House accusing Chinese spies of burrowing into US networks and critical infrastructure systems, all of which China has denied, and a proposed ban on Chinese connected vehicle technology.
[...] Intel this year inked deals with several Chinese state-linked agencies for its Xeon processors to be used in AI workloads, according to Reuters. Considering a little over a quarter of Intel's revenue last year came from China, a security review of its products — and potential restrictions — could be a major blow to its ongoing recovery efforts.
(Score: 2, Interesting) by Mykl on Wednesday October 23 2024, @06:34AM (2 children)
The possibility of China trying to hack everyone else and throwing shade on Intel as a diversionary tactic does not necessarily mean that they're wrong. Intel's definitely got their share of issues, and it would be useful to see what "reasonable, articulable" issues China have with their chips.
(Score: 4, Interesting) by DrkShadow on Wednesday October 23 2024, @07:09AM
https://arstechnica.com/information-technology/2013/12/we-cannot-trust-intel-and-vias-chip-based-crypto-freebsd-developers-say/ [arstechnica.com]
> "Edward Snowdon [sic] -- v. high probability of backdoors in some (HW) RNGs," the notes read, referring to hardware RNGs. Then, alluding to the Dual EC_DRBG RNG forged by the National Institute of Standards and Technology and said to contain an NSA-engineered backdoor, the notes read: "Including elliptic curve generator included in NIST. rdrand in ivbridge not implemented by Intel... Cannot trust HW RNGs to provide good entropy directly.
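
The principle in the quoted notes, not handing a hardware RNG's output directly to consumers, can be illustrated as follows. This is an added example, not code from the comment, the linked article or FreeBSD; `untrusted_hw_rng`, `os_entropy` and `mixed_random` are hypothetical names, the "hardware" source is a constructed stand-in that returns constant bytes, and the SHA-256 mixing is a simplification rather than a vetted generator design.

```python
import hashlib
import os
from typing import Callable, Sequence

Source = Callable[[int], bytes]


def untrusted_hw_rng(n: int) -> bytes:
    """Constructed stand-in for a hardware RNG that cannot be audited.

    Worst case for the demonstration: its output is fully predictable.
    """
    return b"\x42" * n


def os_entropy(n: int) -> bytes:
    """Independent source: the operating system's entropy pool."""
    return os.urandom(n)


def mixed_random(n: int, sources: Sequence[Source]) -> bytes:
    """Return n bytes derived from all sources through a hash.

    Each contribution is framed with its index and length so two
    sources cannot be confused with one another. No single source's
    raw output ever reaches the caller.
    """
    pool = hashlib.sha256()
    for idx, source in enumerate(sources):
        chunk = source(32)
        pool.update(idx.to_bytes(2, "big"))
        pool.update(len(chunk).to_bytes(2, "big"))
        pool.update(chunk)
    seed = pool.digest()

    # Expand the 32-byte seed to the requested length in counter mode.
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:n])


if __name__ == "__main__":
    print("direct :", untrusted_hw_rng(16).hex())
    print("mixed  :", mixed_random(16, [untrusted_hw_rng, os_entropy]).hex())
```

Mixing does not create entropy: with only the predictable source in the list the output is just as predictable, so the benefit depends on at least one input being unpredictable and independent of the others.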
(Score: 5, Interesting) by Tokolosh on Wednesday October 23 2024, @07:15AM
Gonna give China the benefit of the doubt on this one. Same for Cisco, AT&T, Mega, Google, Microsoft, Broadcom, Qualcomm...
(Score: 3, Insightful) by pTamok on Wednesday October 23 2024, @07:18AM (5 children)
It's not impossible that processor fabs are putting (hardware) backdoors into a selection of units of every processor they make.
If I wanted to put undocumented features into hardware, the best place to do it is where it, or its components, are manufactured.
An obvious way to do it is to have a documented 'debug' mode where you put a 64-bit 'instruction' into a register and trigger 'debug' which reads the register and goes off and does something. You publish a list of 64-bit codes for people to do useful 'debug stuff', but simply have some extra 64-bit codes that do 'other stuff'. Because it's difficult to search through 64-bit address space for unknown codes, finding the 'other stuff' becomes difficult. You can make it worse by requiring a specific 'door-knocking' protocol. Or use a 128-bit register. Or use a 'door-knocking protocol' on some other register or address line without an explicit debug function. Tie the function to an undocumented opcode. Put a specific sequence of NOPS and NOP-equivalent instructions into a cpu pipeline. There are lots of ways of hiding features that can be used by chip designers and chip manufacturers.
It's why open hardware is a useful goal. Open hardware projects don't tend to get very far though.
(Score: 5, Informative) by Rich on Wednesday October 23 2024, @10:31AM (3 children)
I was thinking that this simply refers to the "Management Engine", which can access networking. No one in the open really knows what's going on in here, and Intel vehemently refuses to allow people to neuter it, so it's obvious they have orders (which is also about confirmed by the back-and-forth of the corresponding AMD "feature"). See https://www.coreboot.org/Intel_Management_Engine [coreboot.org] and https://www.coreboot.org/Intel_Management_Engine [coreboot.org] for what it does. You always have your pants down when you connect anything "Core i" or newer to the internet.
It might well be that they have some hidden privilege escalation "bug", too, but I don't think that's what the Chinese were talking about.
(Score: 1) by pTamok on Wednesday October 23 2024, @11:34AM (2 children)
The Management Engine and equivalent technologies in AMD and ARM processors are the obvious backdoor enablers, but painting a big circle and labelling it 'Target' could well be a little bit of misdirection. I expect there to be more than one back-door, at least one of which will be subtle and have a plausible other explanation, if discovered.
(Score: 3, Interesting) by hendrikboom on Wednesday October 23 2024, @08:58PM (1 child)
What *are* the
processors?
People keep mentioning them, but I have not been able to get any solid information about them, what they do, or even whether they exist.
(Score: 2, Informative) by pTamok on Wednesday October 23 2024, @11:38PM
https://en.wikipedia.org/wiki/AMD_Platform_Security_Processor [wikipedia.org]
(Score: 1, Touché) by Anonymous Coward on Thursday October 24 2024, @01:12AM
Like this one? No wonder the US Gov can't trust Kaspersky (to keep their mouths shut 🤣 )
https://www.kaspersky.com/about/press-releases/kaspersky-discloses-iphone-hardware-feature-vital-in-operation-triangulation-case [kaspersky.com]
https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/ [securelist.com]
Sure it's "most likely" not a backdoor or was included by mistake, please US Gov, don't ban us! Damn got banned anyway...
(Score: 5, Insightful) by Rosco P. Coltrane on Wednesday October 23 2024, @07:42AM (5 children)
The US has been leveling the same accusations at China for the longest time, and it's probably true.
Now China accuses the US of the same things, and it's probably true too.
(Score: 2) by VLM on Wednesday October 23 2024, @12:19PM
Possibly the entire situation could be as simple as whoever tries to insert their backdoor SECOND gets mad when they realize the opfor already inserted a backdoor there. And who gets there second is just some random footrace so sometimes it's us and sometimes it's them.
(Score: 1, Touché) by Anonymous Coward on Wednesday October 23 2024, @04:55PM (2 children)
In order to terminate this discussion and continue on our merry way, let's label it "whataboutism" like we do with our political candidates when confronting hypocrisy
(Score: 0) by Anonymous Coward on Thursday October 24 2024, @09:44AM (1 child)
You mean like we did in nursery school when we did something we knew we were not supposed to do but saw somebody else doing it first...
(Score: 0) by Anonymous Coward on Thursday October 24 2024, @08:49PM
No, I mean using the term "whataboutism" to quash any revelations of hypocrisy in the people who make accusations against an adversary, or in other words, engaging in projection. Moral of the story is, clean your own house before complaining about the others
(Score: 0) by Anonymous Coward on Thursday October 24 2024, @01:28AM
Thing is how much evidence of hardware backdoors has been provided for the Chinese stuff? So far I do see software backdoors but strangely no sign of hardware backdoors despite the US Gov insisting there are (so why not just show one?). The Bloomberg one was BS - nobody adds physically detectable backdoors where even the bean counters can find them and use those to ask for discounts... Nobody reputable has provided evidence to back the Bloomberg BS claims, in contrast more have come out to say those claims were BS.
In contrast where's the evidence that this was BS? This is how you add hardware backdoors:
https://www.kaspersky.com/about/press-releases/kaspersky-discloses-iphone-hardware-feature-vital-in-operation-triangulation-case [kaspersky.com]
https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/ [securelist.com]
Sure Kaspersky tried to imply it wasn't a backdoor, but they still got banned anyway. 🤣
(Score: 3, Insightful) by stormwyrm on Wednesday October 23 2024, @04:39PM (1 child)
From the hello-pot-meet-kettle dept.
Numquam ponenda est pluralitas sine necessitate.
(Score: 2) by Frosty Piss on Wednesday October 23 2024, @05:16PM
I suspect this is strictly for internal and friendly audiences.
(Score: 2) by hopdevil on Thursday October 24 2024, @12:33AM
I looked at the Chinese post, translated by Google.. it doesn't have technical details, just discusses publicly known security concerns with Intel. And I can agree Intel is terrible at security, but everything has security issues, so it is no surprise. Is it malicious or incompetence.. maybe it doesn't matter? Security reviews are always warranted for critical components like this, so hopefully they publish the findings?
In the meantime the US is restricting exports to China, so that seems counter to the narrative they are trying to make.