What do i think of the whole deal?
This could be an ANT Catalog moment, or it could be a BadBIOS moment. We have reporting on some pretty amazing capability used in a way we haven’t seen before.
The @NSAPlayset explored what was possible with off the shelf versions of ANT catalog tools, and saw it was all entirely feasible for the general public - but years later. #radbios
showed us some of the BadBIOS claims were feasible.
I’m confident there’s some truth to the story. I am also confident that details get lost in translation. Even savvy software security experts fumble nuances in hardware details, so I can only guess what a real-world game of telephone looks like at the other end.
There’s recent news about some really interesting hardware implants. I wanted to take a bit to share more technical thoughts and details that can’t be reduced to a mainstream article on the topic.
The core of the claim is that someone implanted extra components on some server motherboards that would do malicious stuff, subvert the system and possibly allow it to ‘phone home’. I looked at the claims through a technical and feasibility lens.
I’ve studied hardware implants for a few years now. I’ve done multiple reviews of server hardware looking for backdoors. I profit, via @securinghw and @SecureHardware, from people being more interested in hardware security.
That’s the extent of my knowledge. I have no specific information about the implants being reported on. I do feel like my background qualifies me to comment from a technical perspective.
First, how do we build a hardware implant?
With hardware access, there are plenty of ways to backdoor a server. Someone knowledgable could quickly pick out a dozen well marked places malicious firmware could hide on a board and dozens of more components large enough to contain a capable implant inside them.