Security backdoor found in China-made US military chip

ermmmm ..... Microsemi (previously Actel), the designers/manufacturers of the chip is an American company, so I don't know where the anti-Chinese rhetoric comes in. Actel was a fabless designer, i.e. they designed the chip, and let a fab produce it for them, so, the "backdoor" was designed in by Americans. In 2010 Actel was taken over by Microsemi, another US company with fab-plants in the USA, Ireland and Shangai.

Microsemi

reply to post by Nspekta


yes, it is possible, if you design an access port to JTAG and connect it to the outside world. This article just talks about the chip, and well, if you design a PCB to give you access to the JTAG-port in a product, that is just plain stupid, as I can do anything to that chip if I have access to the JTAG port. It is and remains a testing and debugging port. In those products I spoke of, in which the JTAG port is accessed, well, you need to modify the hardware to gain access to the port. Somehow I doubt that your military would be so stupid as to outsource PCB design to foreign countries, because then they can design in what they want, but the article wasn't about that, it was about the JTAG port on a chip. Normally, in a product still under development, there would be a connector fitted to the board for JTAG access, but when your product hits production, that connector wouldn't be fitted, and the testers use a bed-of-nails to make contact with the port.

It is the same as giving you direct access to the power pins of the chip, from the outside. You just don't do that. And as for reprogramming the chip, you don't need access to the JTAG port to do that. There are many different ways of reprogramming a chip. The thing is, that access to the JTAG port gives me low-level access to the chip, and this article just says, that it might be possible to read back the code, even though it is encrypted, and the fuse-bit has been set, so that you are not supposed to be able to do it.

bit off-topic.... For all you mac-freaks out there, and all PC's with a firewire port, there is a similar backdoor on the Firewire interface. Without knowing your passwords, or anything, I can gain direct access to your whole computer via the Firewire port..... (and the specs for that were not written by the Chinese)

And now you know how Iran "shot down" one of our drones, and some of you may recall a story a few months ago of a virus that keeps popping up in our drones. And if you search the net for drone crashes at Holloman AFB you will see it's pretty common for them to go down.

We have got to get our govt and our corporations under control. Why in the name of god do we outsource our national defense to the friend of our enemy. Actually, every now and then, a top chinese official will call us their enemy.

reply to post by SLAYER69

Yes, everyone always think of the mainland, think Taiwan. Check out all the electronic corps and government facilities and you may see a different picture emerge. Not trying to change your opinions, just offering a different perspective. .

A) People that think we're ever going to pay China back are funny. It's funny to see people bring that up all the time.

B) The only equipment that would be vulnerable to a compromise would be something we'd allow to be compromised. As massive as the military industrial complex is (I deal with their buyers all the time) there is a method to the madness.

Something vital to national security would have really tight bid restrictions and probably specify that the Chips & DSP come from a particular vendor who has clearance.

Originally posted by beezzer
It's not the fault of the military.

It''s the fault of the procurement office (civilian). They go by costs and bids. (Usually done for political favours) they pick a contractor that can provide the cheapest cost for the chips, and they don't care where the chips come from.

The contract agency then goes to a supplier and says, "We need n-amount of chips".

The supplier goes to the cheapest manufacturer (China) and orders the chips.

China, says, "Bazinga!" and creates the chips with the back door.

QED

You're right, and it begs the question......is the U.S. military cheap or stupid? The answer is, in cases like this....both. When it comes to the art of war, they have the best minds in the world. When it comes to business, and even security for that matter, they don't have a clue what's going on. People need to realize this if they want to understand the U.S. military. They're stuck in a kind of time warp when it comes to how they operate. The technical side of everything has passed them by. They can still function, but just barely and that's because they don't budget for technical upgrades when they should. They just budget for more bombs and guns. That's where their mindset is. It wouldn't surprise me one bit if someone told me they still operate on a DOS system.

Buying from China might seem like a good idea from a business perspective, and 9 times out of ten it is. But not when you're supposedly so concerned about national security. This should tell people right here that all this national security talk is a joke. What the military is doing is the equivalent of a business having 100 security cameras but no one to man the monitors.

This "fight hard not smart" mentality might still be working for them, but not for long. Ask anyone in the business world how you get to the top and they'll tell you that you start by working hard and finish by working smart. This is what our military needs to do and they need to get busy with it.

hmm... I wonder if the GSA procures these chips like they did the counterfeit routers and switches. if so, it'd make sense after all the GSA scandals lol

to think, documents etc pertaining to national security are compromised because the GSA wanted to save their budget for parties instead of springing for stuff not made in china ( I know, thats very hard to find).

You guys are about as dumb, as a donkey ...

ALL these chips, are designed in the US. Any chip that has "major" workings inside a military complex, is also "manufactured" inside the US.

Every manufacture, that is sent to China ... China is merely a subcontractor. What is being sent to them, is a "film" containing the layout of the silicon, and not the Schematics. When the chips are returned, they are taken by the "main" contractore, which in this case is a US based company, and the film is verified with the chip.

So, if there is a backdoor in the CHIP ... that Backdoor is DESIGNED AND MADE IN THE US of A.

Which also makes perfect sense, since the US is the biggest manufacturer of weapons ... it sells its weapons to about every country in the world. It would make perfect sense for the US to have a backdoor into the systems, so they can take over any system their enemy has, that is made by them.

What is to be "understood" here, is that China should be careful copying US and western products.

Originally posted by Hellhound604
The JTAG port they found that contains vulnerabilities, is an engineering/testing port. It cannot be used to hijack equipment making use of the specific series of chips.

Ok, so ... there are two scenarios here ...

A chip, manufactured in China has a J-Tag port ... which requires it to be designed into the chip, from begin with.


So, either the chip is designed in the US and manufactured in China ... or it's designed and manufactured in China.

In the first case, it's the US that created the port and then it's being used as a means to attack China, as a manufacturer.

Or B, in which case I seriously question US military capability ... as the on/off button, probably resides in China.

reply to post by Dreine

Concur completely

Sometimes it amazes me how far off some of the theories and assumptions are on ATS about many things in General including Military

Originally posted by bjarneorn
The US is the biggest manufacturer of weapons ... it sells its weapons to about every country in the world. It would make perfect sense for the US to have a backdoor into the systems, so they can take over any system their enemy has, that is made by them.

Which is also known and several countries place tougher requirements for military procurement related to US. Its nothing new.

While everyone is saying "OMG, China has made a backdoor into US products", the reality is that if China makes illegal knockoff copies of this US designed chip for its own purposes then it is closer to "OMG, China has opened a backdoor to let the US into its products!"

reply to post by GAOTU789


Who the Hell does the procurement for the US Military?
Who's the Fraking idiot who need's to be drawn and quartered here.
Ok, Cina can cyber us down anythime they wish. That's just Marvelous.
I saw a B movie the other day about a stealth ship firing missle after missle and sinking and hitting land bases. The also had a projected EMP weapon which knocked out all elctronic circuitry.
The olny defense we had was an Old Battle Ship with analogue tech from the 40's and that was our only rescue.
Happen's it was a group of aliens who wee trying to get us to wipe ourselves out and they pick up the pieces.
Why we put all our trust into HAL is beyond me. Why we have become dependant of Red China is another big questions, Did we think for one minute that Red China wasn't Red China?
Now the Pentagon ( FEAR, Federal Dept of eradication, annihilation and retailiation) is relocating moost of our Navy and Forces to the Pacific. And all China has to do is throw the Thrid switch, Oh no not the thrd switch.
hina could very well be provoking us to put our Fleet into their pond. We forget Pearl Harbor don't we.
Imagine all those trillion dollar weapons and ten's of thousands of our boy's dead in the water.
I can see it, and I must be a Prophet of Doom and Gloom never wanted to be..
As in Good Bad and Ugly, May God have Mercy on our Souls.

reply to post by RefereeWhat


ok u made me sign in,,lol
and its Sunday!,,

so far i have seen

HAL

as in "yes Dave"
which i used here

www.youtube.com...

Fraking idiot,,thats new,,

Fraking,,,

Old Battle Ship,,thought that was a deoderant,, lol

Red China,,ya agree.

this,,FEAR,
Federal Dept of
eradication,
annihilation and
retailiation

your serious?? F.E.A.R
first off,,your serious,,
fear dept..FED Govt.

whats next S.H.E.I.E.L.D
and Nick Fury,,and yes he is a white guy.

ok,, i'll play ,guess Britons
High level responce team,,,

H.Y.D.R.A

i kid u not.
and they wonder why.
anyone do a face palm,,

Me.

reply to post by GAOTU789


Of course they have, i thought that much was obvious, soon as i learned that the f--- morons outsourced to a chinese company to make these chips. That is what they do, no surprise here.

Why do you think they are so ballsy? The military technological infrastructure is compromised to a degree and from that Red vs. Blue wargame, a flaw like this is enough to cost countless lives. China is smart thou, they won't invade.. just prevent us from going out