Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
hueymahl
hueymahl's Journal
hueymahl's Journal
July 15, 2013
Bypass Encryption
While most outside observers think the NSA’s job is cracking encrypted messages, as the Prism disclosures have shown, the actual mission is simply to read all communications. Cracking codes is a last resort.
The NSA has a history of figuring out how to get to messages before or after they are encrypted. Whether it was by putting keyloggers on keyboards and recording the keystrokes or detecting the images of the characters as they were being drawn on a CRT.
Today every desktop and laptop computer has another way for the NSA to get inside.
Intel Inside
It’s inevitable that complex microprocessors have bugs in them when they ship. When the first microprocessors shipped the only thing you could hope is that the bug didn’t crash your computer. The only way the chip vendor could fix the problem was to physically revise the chip and put out a new version. But computer manufacturers and users were stuck if you had an old chip. After a particularly embarrassing math bug in 1994 that cost Intel $475 million, the company decided to fix the problem by allowing it’s microprocessors to load fixes automatically when your computer starts.
Starting in 1996 with the Intel P6 (Pentium Pro) to today’s P7 chips (Core i7) these processors contain instructions that are reprogrammable in what is called microcode. Intel can fix bugs on the chips by reprogramming a microprocessors microcode with a patch. This patch, called a microcode update, can be loaded into a processor by using special CPU instructions reserved for this purpose. These updates are not permanent, which means each time you turn the computer on, its microprocessor is reset to its built-in microcode, and the update needs to be applied again (through a computer’s BIOS.).
Since 2000, Intel has put out 29 microcode updates to their processors. The microcode is distributed by 1) Intel or by 2) Microsoft integrated into a BIOS or 3) as part of a Windows update. Unfortunately, the microcode update format is undocumented and the code is encrypted. This allows Intel to make sure that 3rd parties can’t make unauthorized add-ons to their chips. But it also means that no one can look inside to understand the microcode, which makes it is impossible to know whether anyone is loading a backdoor into your computer.
To be clear, he is not saying Intel is working with the NSA and has already installed backdoors on all our computers. What he is saying is that they have the absolute capability to do so, and there is no way for us to know if they have already done so or will do so in the future.
Your Computer May Already Be Hacked - NSA Inside
Below is an excerpt from a blog post by Steve Blank (original at http://steveblank.com/2013/07/15/your-computer-may-already-be-hacked-nsa-inside/). Steve Blank is a very well respected entrepreneur and angel investor in silicon valley. His history makes him particularly well situated to analyze this type of information and understand its possibilities (including stints in the military and "spook stuff" - his term: http://steveblank.com/about/).
Bottom line - If you are not scared of the NSA's power AND THE POTENTIAL FOR ITS ABUSE, you should be.
Bypass Encryption
While most outside observers think the NSA’s job is cracking encrypted messages, as the Prism disclosures have shown, the actual mission is simply to read all communications. Cracking codes is a last resort.
The NSA has a history of figuring out how to get to messages before or after they are encrypted. Whether it was by putting keyloggers on keyboards and recording the keystrokes or detecting the images of the characters as they were being drawn on a CRT.
Today every desktop and laptop computer has another way for the NSA to get inside.
Intel Inside
It’s inevitable that complex microprocessors have bugs in them when they ship. When the first microprocessors shipped the only thing you could hope is that the bug didn’t crash your computer. The only way the chip vendor could fix the problem was to physically revise the chip and put out a new version. But computer manufacturers and users were stuck if you had an old chip. After a particularly embarrassing math bug in 1994 that cost Intel $475 million, the company decided to fix the problem by allowing it’s microprocessors to load fixes automatically when your computer starts.
Starting in 1996 with the Intel P6 (Pentium Pro) to today’s P7 chips (Core i7) these processors contain instructions that are reprogrammable in what is called microcode. Intel can fix bugs on the chips by reprogramming a microprocessors microcode with a patch. This patch, called a microcode update, can be loaded into a processor by using special CPU instructions reserved for this purpose. These updates are not permanent, which means each time you turn the computer on, its microprocessor is reset to its built-in microcode, and the update needs to be applied again (through a computer’s BIOS.).
Since 2000, Intel has put out 29 microcode updates to their processors. The microcode is distributed by 1) Intel or by 2) Microsoft integrated into a BIOS or 3) as part of a Windows update. Unfortunately, the microcode update format is undocumented and the code is encrypted. This allows Intel to make sure that 3rd parties can’t make unauthorized add-ons to their chips. But it also means that no one can look inside to understand the microcode, which makes it is impossible to know whether anyone is loading a backdoor into your computer.
To be clear, he is not saying Intel is working with the NSA and has already installed backdoors on all our computers. What he is saying is that they have the absolute capability to do so, and there is no way for us to know if they have already done so or will do so in the future.
Profile Information
Gender: MaleHome country: USA
Member since: Mon Sep 24, 2012, 12:07 PM
Number of posts: 2,495
