Friday, January 08, 2010

Putting Trojan Horses on Chips!

This is a story about a contest to put Trojan horses on chips. Very interesting from an hardware hacking perspective, as well as a trusting trust and supply chain security perspective.
5 January 2010—In November, engineering students from five top universities gathered at the Polytechnic Institute of NYU, in Brooklyn, N.Y., for the Embedded Systems Challenge. The aim was to test new attacks and defenses against an underappreciated breed of Trojan horse—embedded malware built into integrated circuits.

The winning team’s results, set to appear in journals and at conference proceedings in 2010, reveal how vulnerable many systems are to "chip attacks" The contest also demonstrated the high degree of technical sophistication required for these attacks, making it more likely that attackers will pursue specialized applications, such as sensitive military equipment or high-security financial computers. Attacking Dad’s new Windows 7 PC probably isn’t worth the extreme investment of time and money—especially when cheaper and quicker phishing and software-based malware attacks still work all too well.
Definitely worth a read!

Gadi Evron,

Follow me on twitter!

No comments: