back

Modchips of the State

Hardware implants in the supply-chain

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
00:36:51
Language
English
Abstract
Hardware implants and supply chain attacks have been in the news recently, but how feasible are they and what can we do about them? In this talk we'll examine the design of a proof of concept SPI bus hardware implant that has similar capabilities to those described in the Bloomberg/Supermicro article as well as some countermeasures that we can use to try to detect these "modchips" and increase our trust in our systems.

We don't know how much of the Bloomberg story about hardware implants installed in Supermicro servers shipped to Apple and Amazon is true, nor do we know the story behind the story and the reasons for the vehement denials by all the parties involved.

However, a technical assessment of details of the describe implants reveals that a supply chain attack on the hardware is definitely possible, that the capabilities of the BMC can be used to bypass OS protections, and that there are means to access the BMC that would not necessarily generate readily identified network traffic.

In this talk we'll examine the design of a proof of concept SPI bus hardware implant that has similar capabilities to those described in the Bloomberg/Supermicro article as well as some countermeasures that we can use to try to detect these "modchips" and increase our trust in our systems.

Talk ID
9597
Event:
35c3
Day
1
Room
Borg
Start
10:50 p.m.
Duration
00:40:00
Track
Security
Type of
lecture
Speaker
monoxyd
Talk Slug & media link
35c3-9597-modchips_of_the_state

Talk & Speaker speed statistics

Very rough underestimation:
137.2 wpm
755.6 spm
141.2 wpm
776.5 spm
27.9% Checking done27.9%
72.1% Syncing done72.1%
0.0% Transcribing done0.0%
0.0% Nothing done yet0.0%
  

Work on this video on Amara!

English: Quality control done until

Last revision: 11 months, 3 weeks ago

Talk & Speaker speed statistics with word clouds

Whole talk:
137.2 wpm
755.6 spm
bmchardwarefirmwaresupermicrothingssystemimplantdatasystemsprocessimplantspowerchipbootpeopleflashboardsfiletrammellattackinterestingserialpinapplesecurityprettyopenstorylinuxsupplysortconnectedchangespartscomponentsgood1questionmicbloombergapplausesmallchaininsidetrustmanufacturingfactory0code
monoxyd:
141.2 wpm
776.5 spm
hardwarebmcfirmwaremicrosystemsuperimplantthingsdataprocesspeopleflashboardsimplantssecuritysystemschipprettyconnectedapplepartsfilestoryattackbootsmallinterestingsupplychainsortinsideserialopengoodpin0bloomberglinuxattacksconcernmachinesdesignrunningpowerallowstpmtrustcompaniesfairlyfactory