In an interesting story covered by the Australian Financial Review it is revealed that experts think the NSA has hardware level backdoors built into Intel and AMD processors. Steve Blank, recognised as one of Silicon Valleys leading experts, says that he would be extremely surprised if the American NSA does not have backdoors built into Intel and AMD chips. His reason is that the NSA finds “hacking” through backdoors significantly more simple than trying to crack encryption. For example trying to crack AES 256 bit encryption would require the power of 10 million suns to crack at the current TDP of processors. Steve Blank therefore claims that because cracking encryption is so infeasible the NSA uses hardware level backdoors instead. Steve Blank said that these suspicions arose when he saw the NSA could access Microsoft emails in their pre-encryption state and so he knew there was another way in.
Edit: Jonathan Brossard personally got into contact with us to inform us that such statements made by the AFR about his opinions and research were indeed misleading and not factually accurate at all. Jonathan Brossard claims that if you read his whitepaper from the Black Hat 2012 conference, which can be found here, it will give a totally different understanding of what he was actually saying as opposed to what the AFR interpreted him as saying. We would like to apologise for passing information onto you from the AFR that was factually inaccurate. Jonathan Brossard stated that:
“The CPU microcode update mechanism is a documented feature which helps Intel and AMD fix CPU bugs. Even if this would be an interesting attack vector, you must break strong asymmetric cryptography before you get to push microcode updates to a CPU. The article from the Australian Financial Review is misleading, and doesn’t bring the slightest proof that Intel or AMD are sharing those cryptographic keys with [the] NSA. I do not personally think [the] NSA is backdooring Intel (or AMDs) CPUs.”
Though after all that there are of course those who will say this is complete nonsense and that the reason it is undetectable is because it does not exist and it is just conspiracy theory. Indeed Intel has denied such speculation.
I myself am not sure what to make of all this but what do you think? Does the NSA have a hardware level backdoor built into every modern Intel and AMD CPU?
Image courtesy of WCCFTech, Information from AFR.com via WCCFTech
Of course they do.
I was afraid of this and that’s why I still use a 33 MHz i286 processor along with SLi’d GTX Titans for 4 k gaming. 😛
All that PCIe bandwidth
Oh wait
I mean AGP
AGP on a 286? Surely you mean ISA Master Swaggins…heh
You must have overclocked your 80286 because I thought that my 25 MHz Harris Semiconductor part was the fastest 286 ever made.
Yes, everyone is out to get me and I’m debating going to live in the Scottish Highlands as a hermit in a stone hut.
Yes, yes they do.
While plausible, it’s a bit tin foil hat.
It makes sense that they would want such a thing but i would of thought security experts would have located such a thing by now.
It’s not even plausible tbh. This is in the same realm of plausibility as the ‘two idiots, one keyboard’ clip from NCIS…except even that is more plausible than this.
Hardware backdoors are completely plausible. if you look at the amount of code architecture Instruction Sets (x86-64, SSE 4.1/4.2, AVX 2.0 etcetc), it wouldn’t be hard to have an instruction embedded in there to allow for such a thing. like i said, completely plausible, just very unlikely.
not too mention the ability to actually take advantage of it on live systems is not in the realm of possibility. in theory it might help gain access to data on a subset of systems that they have in their physical possession. the groups they need data on aren’t going to be using cpu optimizations on their encryption algorithms on sensitive data for precisely this reason. and they can’t use this on live systems as they don’t have the resources necessary to backdoor all of the global internet infrastructure. as they cannot attempting to utilize it would not get through a consumer router let alone any secure designed systems. it would also lead to very quick discovery when it does get stopped at the network level.
Intel Management Engine Backdoor:
https://it.slashdot.org/comments.pl?sid=10717233&cid=54579757
the nsa is gonna be the real world skynet in my opinion they want to much control on our freedoms
*rolleyes* This is just too far-fetched.
Too far fetched for an organization like the NSA that is spying on everything? It’s reality.
You obviously don’t read the news.
Really? Ask the employees at the Utah Data Center! 😉
Obviosly you have not heard of a plaec called BLUFFDALE UTAH. The NSA has a massive data center there collecting everythign you do.
greetings from the future
I’m a little confused about why they would bother. There are at least 3 levels of abstraction between my CPU and the NSA. There’s the internet, then the OS then a kernal. Even encrypted e-mails are in plain text on my hard drive and in memory. So its kind of like saying ‘The government has nukes!’ when in fact they also have knives, guns, hand grenades and all other sorts of things they can kill me with. If it bothers you, run Linux, problem solved.
the NSA have developed code that has been put into the linux kernal. look it up 😛
Yep 😛 – http://www.eteknix.com/nsa-has-code-running-in-the-linux-kernel-and-android/ – shameless self advertising
Yes they have, the NSA developed quite a bit of Linux’s security suite. While I’m not qualified to audit the NSA’s work, anyone who wishes can view the source code. The NSA, just like any 3 letter agency is capable of doing 2 things at once. In this case simultaneously working to secure American computer infrastructure against attack from ‘cyber-terrorists’ and recording everything that has ever been transmitted over copper since “Watson, come here I need you”.
shameful article.
Raspberry Pi for the win.
Indeed, too cheap to insert a backdoor into!
Perhaps an Open Source CPU, etc. reverse engineering program could settle this. All this article contains is guesses. It;s possible, but hardly established fact.
Great, NSA will just backdoor the motherboard’s chipsets and bypass the CPUs. There are OpenSource CPUs, for example I think Sparc do one.
American Government is disgusting and corrupt.
Imagine what the governments who are much less transparent are up too.
Remember when you were a kid, and Mom & Dad LEFT for a few days, and you went nuts with all the yummy foods, even alcohol? Had friends over, cooked stuff you were not able to cook while PARENTS were home? Mischief, right? Multiply that by ba-zillions, and THAT is what I think happened to our GOV! So…..do I think the NSA/GOV would sample my stool if given the chance? YES!
Ok, let’s assume that there is this backdoor and that the NSA can use it to gain access to servers … and then what? Is there a kind of magic packet can go through any type of network equipment, firewalls, and other probes of any brand and manufacturer and of any country without a trace?
Is there some research that can provide some concrete data without digital legends of unicorns? 🙂
agreed. I think this is more of a situation where encrypted data that is physically possessed by NSA can be accessed.
Intel’s AMT allows remote access to literally every part of the machine, including what’s in RAM at any given time. Do you honestly think that isn’t being exploited?
Not too bright are you: https://en.wikipedia.org/wiki/Intel_Active_Management_Technology Read the whole thing and notice just how much can be accessed regardless of firewalls. There’s a reason Russia is developing its own microtechnology for military applications, and why western governments banned the use of certain computers (Lenovo iirc) for certain uses. You’ll get the digital ecosystem you deserve if you don’t have at least a healthy level of paranoia.
Let’s suppose? The evidence is everywhere and overwelming… it’s not a theory anymore, it’s proved conclusively.
Back to sleep little sheep. No need to worry.
lmfao. and someone showed the 2048 embedded key in all microcode updates.. and it is hilarious to think of those who haven’t get actually got that NSA do* have access to the keys. When openssl was back-doored recently, they had ot sign 200 NDA’s. WIth their 2013 budget to subterfuge both US and non US tech firms, they have 250 million US dollars to do so…. Intel and AMD being American have no say. Actually, it is quite so ironic, the saying “google is your _friend_”.
Ain’t no tin-foil stuff any longer with a neo-facist state unfortunately.
Yeah! And they power it with their perpetual motion machine!
Does it hurt to be that stupid? I imagine it feels great thinking everything you read on the internet is true, does it?
“and doesn’t bring the slightest proof that Intel or AMD are sharing those cryptographic keys with [the] NSA”
Yeah, my ass they arent. As if they have any option after Patriot Act, NDAA… They cant even tell about it.
Government owns the instructure of the network, so they can MITM all the public keys that get exchanged. Public key exchange should be encrypted to lock out the government. There needs to be a solution to the Byzantine’s Generals problem, like blockchain did with the “mining race” which ensures that only one person can mine the block, and the second person to mine it knows that they failed to mine it, and vice versa.
Old news … more than 10 yrs ago we new that
it´s now reALITY; WE HAVE THE #BACKDOOR FOUND.
see https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
1984 is now!
It’s now confirmed, it’s exist it’s prouved and it’s certainly the NSA which is behind
Seriously? Everyone is still debating about whether there are backdoors?! C’mon! Of course there are! Please get over the “tin foil hat geez you must be a paranoid conspiracy nut” nonsense. It isn’t about “being out to get us” ITS ABOUT CONTROL. In case none of you have noticed, they want control over *everything*. What the heck do you think smart meters and the Internet of Things is about? They will know everywhere you go, everything you do, everything you say and they are working on knowing everything you THINK. Who cares if you’re law abiding and have “nothing to hide”? Anyway, there are so many laws, I guarantee you’ve done a dozen illegal things just today! They want to CONTROL you, me, us, everybody and everything. It’s been the dream of the power-mad since the dawn of time. Only silly American Millenials, who know NO history, are foolish enough to debate it!
And the best part of everything is listening to these Conservative talking heads running radio talk shows all tell us to vote Republican. LMAO! These momos all believe the Republicans are all for America & it’s citizens whereas they’re just the opposite side of the same coin as pertaining to the Democrats. If they were all for us, they’d have abolished the laws for the illegal Obamacare. But they won’t. Why? Like you said, all they want is absolute control over every facet of our lives.
End of discussion: https://www.wired.com/2016/06/demonically-clever-backdoor-hides-inside-computer-chip/
Use your brain. If the government is recording every single phone call made with Amdocs (Israeli company) why would you refuse the same logic regarding computer hardware? Intel and AMD (Israeli company) are recording every keystroke made around the world. Having the ability to spy on everyone is the Israeli dream and the NSA is front organization.
Love that video of the computer build!
You should update this article since the Intel backdoor (IME) was found.
Now we just need to find the AMD backdoor, which is undoubtedly present.
amd PSP is amds version of intel me
it has already been found.
Intel Management Engine [ME] from chipsets (starting with GM45, 2007-2008) or even the most mysterious MINIX of the Trusted Execution Engine (TXE). It is assumed that AMD has something similar recently hidden under the name of “TrustZone” … so there is no paranoia, everything is really real!
I’ve always thought the name “Intel” was suspicious. Intel on whom?
does it happen for nvidia gtx and rtx?
Nope. At the time this article was published, it was not yet proven that the NSA has Intel private keys, but that’s a known breach now. AFAIK Nvidia hasn’t been compromised.
Nope. At the time this article was published, it was not yet proven that the NSA has Intel private keys, but that’s a known breach now. AFAIK Nvidia hasn’t been compromised.