Arthur T Knackerbracket has processed the following story:
A Chinese industry group has accused Intel of backdooring its CPUs, in addition to other questionable security practices while calling for an investigation into the chipmaker, claiming its products pose "serious risks to national security."
The Cybersecurity Association of China (CSAC), in a lengthy post on its WeChat account on Wednesday described Intel's chips as being riddled with vulnerabilities, adding that the American company's "major defects in product quality and security management show its extremely irresponsible attitude towards customers."
The CSAC also accused Intel of embedding a backdoor "in almost all" of its CPUs since 2008 as part of a "next-generation security defense system" developed by the US National Security Agency.
This allowed Uncle Sam to "build an ideal monitoring environment where only the NSA is protected and everyone else is 'naked,'" the post continued. "This poses a huge security threat to the critical information infrastructure of countries around the world, including China," the industry group claims.
The infosec org also recommends the Cyberspace Administration of China open an investigation into the security of Intel's products sold in the country "to effectively safeguard China's national security and the legitimate rights and interests of Chinese consumers."
[...] The calls for a government investigation into the American chipmaker follow a series of accusations from the White House accusing Chinese spies of burrowing into US networks and critical infrastructure systems, all of which China has denied, and a proposed ban on Chinese connected vehicle technology.
[...] Intel this year inked deals with several Chinese state-linked agencies for its Xeon processors to be used in AI workloads, according to Reuters. Considering a little over a quarter of Intel's revenue last year came from China, a security review of its products — and potential restrictions — could be a major blow to its ongoing recovery efforts.
(Score: 3, Insightful) by pTamok on Wednesday October 23, @07:18AM (5 children)
It not impossible that processor fabs are putting (hardware) backdoors a selection of units of every processor they make.
If I wanted to put undocumented features into hardware, the best place to do it is where it, or its components are manufactured.
An obvious way to do it is to have a documented 'debug' mode where you put a 64-bit 'instruction' into a register and trigger 'debug' which reads the register and goes off and does something. You publish a list of 64-bit codes for people to do useful 'debug stuff', but simply have some extra 64-bit codes that do 'other stuff'. Because it's difficult to search through 64-bit address space for unknown codes, finding the 'other stuff' becomes difficult. You can make it worse by requiring a specific 'door-knocking' protocol. Or use a 128-bit register. Or use a 'door-knocking protocol' on some other register or address line without an explicit debug function. Tie the function to an undocumented opcode. Put a specific sequence of NOPS and NOP-equivalent instructions into a cpu pipeline. There are lots of ways of hiding features that can be used by chip designers and chip manufacturers.
It's why open hardware is a useful goal. Open hardware projects don't tend to get very far 'though.
(Score: 5, Informative) by Rich on Wednesday October 23, @10:31AM (3 children)
I was thinking that this simply refers to the "Management Engine", which can access networking. No one in the open really knows what's going on in here, and Intel vehemently refuses to allow people to neuter it, so it's obvious they have orders (which is also about confirmed by the back-and-forth of the corresponding AMD "feature"). See https://www.coreboot.org/Intel_Management_Engine [coreboot.org] and https://www.coreboot.org/Intel_Management_Engine [coreboot.org] for what it does. You always have your pants down when you connect anything "Core i" or newer to the internet.
It might well be that they have some hidden privilege escalation "bug", too, but I don't think that's what the Chinese were talking about.
(Score: 1) by pTamok on Wednesday October 23, @11:34AM (2 children)
The Management Engine and equivalent technologies in AMD and ARM processers are the obvious backdoor enablers, but painting a big circle and labelling it 'Target' could well be a little bit of misdirection. I expect there to be more than one back-door, at least one of which will be subtle and have a plausible other explanation, if discovered.
(Score: 3, Interesting) by hendrikboom on Wednesday October 23, @08:58PM (1 child)
What *are* the
processors?
People keep mentioning them, but I have not been able to get any solid information about them, what they do, or even whether they exist.
(Score: 2, Informative) by pTamok on Wednesday October 23, @11:38PM
https://en.wikipedia.org/wiki/AMD_Platform_Security_Processor [wikipedia.org]
(Score: 1, Touché) by Anonymous Coward on Thursday October 24, @01:12AM
Like this one? No wonder the US Gov can't trust Kaspersky (to keep their mouths shut 🤣 )
https://www.kaspersky.com/about/press-releases/kaspersky-discloses-iphone-hardware-feature-vital-in-operation-triangulation-case [kaspersky.com]
https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/ [securelist.com]
Sure it's "most likely" not a backdoor or was included by mistake, please US Gov, don't ban us! Damn got banned anyway...