Can you trust Chinese computer equipment? (itworld.com)
32 points by abennett on Feb 4, 2010 | 31 comments



I've been wondering the same thing. But would it be so hard to detect? Presumably the information would have to be sent to some server sometime. While I personally don't really monitor outgoing traffic, I think some people do. So they should have noticed something by now?


It doesn't have to be active, it might be passive. A small bug in the networking chipset that crashes the machine with a given packet... ;-)

It would be used only once. Like the nuclear weapon.


Yes, if you install a passive hole in nearly every computer made, well, having those computers phone home is silly. You call the target machine, when you want something.

Packet wouldn't have to crash the machine, just start up a more active trojan.


A hardware-level trojan is relatively hard to develop.

I mean, it depends on what you mean by a trojan. I think it is entirely possible to create a hardware trojan that sends some packets somewhere. It'd make a neat DDoS. :-)

Less likely is a classic trojan that gains control over your machine. Do not forget there are many layers between the userland and the hardware (e.g., drivers, the network stack, etc.).

It is a completely different story if evil Bob created both the hardware and the driver...


I have also been thinking about this. Makes me want to null-route any traffic headed for China/Russia. However, I'm much more paranoid about the ripoff Cisco equipment made by Huawei.


I wouldn't assume the server is stationed in China.


No, but it's a start. Raises the barrier, especially in a potential future crisis where the PRC is disconnected from the net.


> especially in a potential future crisis where the PRC is disconnected from the net.

I don't follow. How is blocking out-bound traffic from going to China going to help you in a future where China is no longer even connected to the 'net?


Ah, now I think I remember what I was thinking:

If you force the PRC to establish command and control nodes outside of the country, then you're more likely to know of them ahead of disconnecting the whole country, plus their MO in setting them up and using them, so that finding the inevitable sleeper nodes will be easier.


Damned if I can figure it out now (time for bed) ... let me return to your question in the morning and see if I can remember my reasoning and if it still makes sense.


Personally I think that the Chinese government is directly or indirectly behind a number of large botnets. Rather than advertising any particular server to send data to, why not just open itself up to being consumed by the borg^h^h^h^h botnet?


The first thing I thought of was Trusting Trust[1]. If the system is untrustworthy down to its lowest levels, it can also cover its tracks completely or nearly-completely.

[1] http://en.wikipedia.org/wiki/Backdoor_(computing)#Reflection...


Actually, as another poster points out, it's hard to fully mask outgoing network traffic unless you control the hub/router as well.


Yes, but e.g. data tunneled over DNS is pretty hard to detect. I'm sure the Chinese government could spare some (a lot of) domain names.

Also note that a network card with DMA access has pretty much free rein of the computer.

However, all this is a lot more complicated than just hacking the latest Windows hole; I doubt it would be cost-effective.


Can you trust American computer equipment? As far as I know, there are KNOWN backdoors in Cisco routing equipment.

http://www.networkworld.com/community/node/57070


Simple answer, no.

http://www.wired.com/science/discoveries/news/2006/06/71022

When the writer asked a vendor of eavesdropping equipment about the legality of his products, the response ...

"Do you think this stuff doesn't happen in the West? Let me tell you something. I sell this equipment all over the world, especially in the Middle East. I deal with buyers from Qatar, and I get more concern about proper legal procedure from them than I get in the USA."


The fine people at DARPA are working on this problem: http://www.darpa.mil/MTO/Programs/trust/index.html


Excerpt:

Do I think this is happening? I honestly don't know. I have no proof. What I do know though is that it's easy to do, hard to detect, and the Chinese government appears to be engaging in a massive IT espionage. That's a worrisome combination.

If I were in charge of any enterprise where I thought I had any reason to think that these Chinese authorities might be interested in what I was doing, I'd stop buying Chinese computer products today. Until this issue of Chinese cyber-espionage has been cleared up and cleaned up, I simply couldn't justify buying or using hardware that might be working against me. If you consider it for a minute, I think you'll agree.

Who is his audience? Dumb heads of IT?


Don't you know that a Chinese-made circuit board can take over your processor and network card to steal your information? If not, clearly you know nothing about how computers work!!11!

Oh wait...



My iPhone to-do app phones home with usage stats. After I sold 5000 copies I had a user inquiring about the suspicious network traffic. There is practically zero chance that something like this goes undetected - you just can't hide this stuff.



This kind of thing is playing with fire but that doesn't mean it can't happen.

There were reports that the Chinese attack on Google involved leveraging the law-enforcement door that is in some Google servers. And there's the problem - any time one entity opens a back door, they run the risk of letting another entity take advantage of it. Despite competing with the West and liking the idea of a quiet back door, the Chinese state would likely be unhappy with something that telegraphs they're willing to completely steal all Western IP. That would put a bit of a damper on Western investment (why Western companies ever imagined that the Chinese wouldn't just take their IP is beyond me, but I think a lot of companies still think they're safe in China and that's a benefit to the Chinese economy).


I guess the US State Department was ahead of the curve on banning ThinkPads once IBM sold the division to Lenovo...

http://www.engadget.com/2006/05/19/state-dpartment-bans-leno...


So are there any laptops completely manufactured in the US? At least such parts as hard drives, CPUs, motherboards, keyboards, displays...


Paranoia will destroy ya. Maybe you shouldn't trust anything you didn't build.


No, just don't trust those who have proven themselves untrustworthy.


Yes, that extends to US-manufacturers as well as the Chinese.

If you are dealing with sensitive information then you should be doing some security audit of all the software, hardware and personnel that touch that information. This article adds nothing new and is close to being hysterical about Chinese manufacturers. I don't deal with sensitive information so I have less to worry about when it comes to where my USB key is made.


I can't help but wonder if this article kicked off a DDoS from China. They've been pretty brutal about attacking anyone who questions or criticizes them for the past few years.


Evidence please?


Some people don't need evidence when their mind is already made up.



