The dispute over Huawei’s access to TSMC has highlighted how vulnerable American industry is to the loss of its sole supply of advanced chips. If the matter cannot be solved by negotiation, China may perceive the restrictions as economic warfare and rapidly escalate, potentially threatening Taiwan. It is not at all clear that Washington has thought through the consequences of its actions here, nor that the current administration has considered chip supply as part of a wider supply chain security and national industrial policy. Given that China has more positive options than the United States, it is surely time for those in charge to consider where this might lead.
Tag: security
SoC Opensourcing
Beyond the NDA blocks, there is typically a deeper layer of completely unpublished documentation for disused silicon, such as peripherals that were designed-in but did not make the final cut, internal debugging facilities, and pre-boot facilities. Many of these disused features aren’t even well-known within the team that designed the chip! Thus a typical SoC mask set starts with lots of extra features, spare logic, and debug facilities that are chiseled away (disused) until the final shape of the SoC emerges. From a security standpoint, the presence of such “dark matter” in SoCs is worrisome. Forget worrying about the boot ROM or CPU microcode – the BIST (Built in Self Test) infrastructure has everything you need to do code injection, if you can just cajole it into the right mode. Furthermore, SoC integrators all buy functional blocks such as DDR, PCI, and USB from a tiny set of IP vendors. This means the same disused logic motifs are baked into 100Ms of devices, even across competing brands and dissimilar product lines. Herein lies a hazard for an unpatchable, ecosystem-shattering security break!
Secure EXIF
A proposal to build a kind of cryptographically secure EXIF to make it much harder to spoof both image contents and their metadata.
Attacking GPUs
This is an amazing tour de force, but also a very sobering reminder of how large the attack surface still is.
Audio Lockpicking
The sound of your key being inserted into the lock gives attackers all they need to make a working copy of your front door key.
GPS Vulnerabilities
Jamming has been around for a while, but now there’s also software-based spoofing. Given that billions of devices rely on GPS, this is not good.
Speculative Dereferencing
The effect exploited in all of these papers is caused by speculative dereferencing of user-space registers in the kernel. Hence, mitigation techniques such as KAISER do not eliminate this leakage as previously believed.
gVisor
Sandboxing and Workload Isolation
gVisor implements basically all of Linux in userland. Processes. Devices. Tasks. Address spaces and page tables. Filesystems. TCP/IP; the entire IP network stack, all reimplemented, in Go, backended by native Linux userland.
The pitch here is straightforward: you’re unlikely to have routine exploitable memory corruption flaws in Go code. You are sort of likely to have them in the C-language Linux kernel. Go is fast enough to credibly emulate Linux in userland. Why expose C code if you don’t have to?
Roof Koreans
While most are primarily armed with “America’s Rifle,” the AR15, the weapons are as varied as the people, from pump-action shotguns to FN Scars and expensive NFA items (such as machine guns). Similarly, the level of personal equipment sophistication ranges from walkie talkies and flashlights to encrypted radios and night vision.
Rust in Windows
It seems Microsoft is considering Rust as their systems programming language.