
After reading "Ghost Fleet" by P.W. Singer and August Cole, the idea in there about China putting backdoors in chips sent to the US for years -- laying the 'groundwork' for an eventual cyber and physical invasion -- has really stuck with me. He makes the point in the book (which has tons of citations to describe the attacks/weapon systems) that even critical defense-related chips, for things like our most advanced fighter jets, are often still assembled/manufactured in China. But I imagine an equally useful strategy could just be putting backdoors in all the various things ordinary people order off Amazon each day: fast charger wall outlets, USB cables, etc.

I've always assumed that we just had a way to 'check' each chip used in critical industries, such as defense, if they came from another country. It kind of feels the same way it did the first time I learned how to pick pin and tumbler locks, and realized locks are purely an illusion of security.




The US is already paranoid about sourcing components. Even European companies are asked to use US components when trying to sell to the US. China is selling to the world. One confirmed case of backdoors and the financial losses will be far greater than the benefit of spying on the average US citizen.

People like you are spreading propaganda. This is most likely propagated by organizations trying to bring manufacturing back to the US. It is actually harmful because it distracts from security that matters. Every week you have US companies hacked by Russian hackers, but somehow IC security of a USB cable should be important.


I am spreading propaganda by mentioning a fictional book I read, which made me think of potential security vulnerabilities? Things like a LAN Turtle exist, and have probably existed long before most people were aware of them.


For sure, P.W. Singer is unbiased. It is just pure accident that he worked with the U.S. Department of Defense and CIA and some books are on the reading list of the U.S. Army. He himself is selling his books as "useful fiction" (combination of research and fiction, wtf?).

There is a very thin line between unbiased facts and opinions and propaganda. For most people, electronics is like magic; circulating ideas about dangers to security where probability is low from both a technical and an economic point of view is not useful. Both old-style printer yellow dots and recent CSAM are US ideas pushed to the whole world in the open and at a much higher level than individual IC components.


I think China's intention to surpass the U.S. as the dominant superpower by 2049, the 100-year anniversary of the PRC founding, is absolutely crystal clear and without doubt. They have said they would like to accomplish this through military means if necessary, but focusing on economic and technological means/"warfare" -- their term not mine (see "Unrestricted Warfare" by PLA Colonels Liang and Xiangsui written in 1999 on the 8 year anniversary of the Gulf War; https://www.c4i.org/unrestricted.pdf). In fact, the paper clearly argues for going to war with a more powerful adversary by using network warfare prominently. Full disclosure: I have not read the entire paper, but enough of it to get the gist since they clearly state their goals and intentions.

Now, is China doing something America has not done? Absolutely not. Is it crazy for a country to want to become more powerful? Absolutely not. Is it wrong for a country to do so? I would argue not, since their first responsibility should be to their people, and usually -- not always -- a more powerful country on the world stage is better for the people of that country.

I believe in a globalized world, I am not a nationalist, and think if the world could truly come together, it would obviously be better for all of mankind. However, I am also an American, and although I don't love everything about my country by any means, I am going to pick and favor my country over a foreign one when that country is clearly an adversary. Does that mean I want harm to come to China? No. Does that mean I wish ill-will of the Chinese people? No.

And for what it's worth, I don't think anyone is unbiased and believe it is unrealistic to expect people to be. I think biases are as fundamental (in good and bad ways) to being human as walking on two legs is. Biases are critical to how our brain/memory works -- we have something like 180+ known cognitive biases (https://en.wikipedia.org/wiki/List_of_cognitive_biases). I think the best thing we can do is recognize and acknowledge when we have bias, and factor that knowledge in to how we are thinking about a topic. For example, because of what I do for a living, if I see a positive story about the benefits of marijuana or crypto, I will initially be inclined to believe it may be true; the good ol' confirmation bias at work. But, I also usually try to stop myself, and think more critically of the information being presented, since I know that I am going to be inclined to have that bias towards the two topics. I feel as humans, that is the best we can do. Anyone who pretends to not be biased in any way whatsoever is lying. My father was a psychiatrist for 43 years, and I talked to him about this many times over the course of my life, and he agreed that he's never seen someone who did not have bias.


Maybe you could have / should have mentioned in the OP that the book is a novel.

It's in no way clear from your post alone that the book you're talking about is fiction.


That's my mistake then; if it still allowed me to edit the comment, I would do so to make that more clear.


"which has tons of citations"


Chips != USB cable: https://shop.hak5.org/products/o-mg-cable-usb-a

> To get a cable like this, you used to need a million dollar budget .. It is packed with a web server, 802.11 radio .. The O.MG Cable is built for covert field-use, with features that enhance remote execution, stealth, forensics evasion, all while being able to quickly change your tooling on the fly. And, of course, it works just like a normal USB cable when not deploying payloads. Keystroke Injection payloads are transmitted out of the USB A connector. The Keylogger Edition ... adds a Keylogger capable of storing up to 650,000 keystrokes.


I think in China you could make one for a lot less than a million dollars. They have some pretty good electronic fabrication facilities there.


The problem is that we (USA) used to have 90% of all chip design and production.

Now we have less than 10%-15% of it because it was cheaper to outsource it to Taiwan, Korea or Japan. We created the problem ourselves by shunning manufacturing and wanting to be a "knowledge-service economy" which only sounds good in the abstract but you still need to have the hardware in trustable form and even worse: most innovation (easily 80% or more) in anything but especially in computers, only comes from innovation of the manufacturing process, and only AFTER that does any other innovation (e.g. software) FOLLOW - software is the tail, not the dog!


The book must have been the source of Bloomberg's horrible reporting with the "Big Hack".

> fast charger wall outlets, USB cables, etc.

This seems far more likely than supply chain attacks on enterprise hardware.


Calling something an illusion is the wrong way of looking at things because everything in life is about getting at least 80-99% there — to be “good enough.” Everything therefore is an illusion by that logic.

There’s no absolute guarantee that a seat belt will save you, or that no one will poison your water supply, or that your AWS service will always be up.

Perhaps we are no longer 90% in this space due to changing political climates but we were there before.


There are safety-critical systems, though.

Big vessels full of poisonous (but useful!) chemicals. Aircraft control systems. All carefully designed to be far more nines than 99% reliable - provided that the components behave according to their datasheets and how they behaved during validation.


And if it’s critical enough, that isn’t just left to chance after the initial design validation. There are continuous supply chain and acceptance testing checks that have to keep being run and managed. This is one reason the costs are higher.


There are a few ways this is dealt with in government. First is a requirement to provide engineering diagrams sufficient to rebuild a chip from scratch if necessary. When purchasing a few hundred thousand servers at a time from Dell or leasing space in Amazon's data centers, nobody is physically auditing that every chip actually matches the diagram, but they will randomly audit at least a few. If someone is shipping a bunch of motherboards that have undocumented backdoors on them, it will get noticed.

Second is network disconnection of the systems. Most exploits rely on remote access. If there is no network path from a C&C server to the infected host due to it not being exposed to the Internet and not having any kind of commodity radio capability, there isn't much an attacker can do short of something like Stuxnet, that is, just frying machinery instead of trying to exfil data or take over control. Something like that needs to be pretty tightly targeted, though. The factory line in China likely doesn't have any reliable way to identify exactly which chips are going to end up in US critical systems and only sabotage those.

Third is extremely thorough sandbox testing. Observe something for a long time in a controlled environment and see what it does. That is also something that is not feasible to do for every part, but it is feasible and is done for randomly selected equipment samples.

Obviously, different levels of scrutiny, testing, and security will be applied to, say, the public homepage of the Department of Labor versus the servers running blue force tracking for operational military units. In some ways, it is actually a lot easier to secure critical defense and IC systems than something like banking or email. Not having to expose an information system to external networks or allow arbitrary users signup access is already a huge first step that simplifies the problem space a ton.
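To put numbers on the random-audit approach described in the comment above (an added example, not part of the thread): the sketch below computes how likely a random sample is to include at least one tampered unit, and how large the sample must be for a given confidence. The lot size and tamper counts are constructed, and it assumes a uniform random sample and an inspection that always recognises a tampered unit.

```python
from typing import Optional


def detection_probability(lot_size: int, tampered: int, sample_size: int) -> float:
    """Chance that a uniform random sample (no replacement) contains at least
    one tampered unit. Assumes inspection always recognises a tampered unit."""
    if not (0 <= tampered <= lot_size and 0 <= sample_size <= lot_size):
        raise ValueError("tampered and sample_size must be within 0..lot_size")
    p_miss = 1.0
    for i in range(sample_size):
        # Probability the next unit pulled is clean, given all earlier ones were.
        p_miss *= (lot_size - tampered - i) / (lot_size - i)
        if p_miss <= 0.0:  # sample is larger than the number of clean units
            return 1.0
    return 1.0 - p_miss


def min_sample_size(lot_size: int, tampered: int, confidence: float) -> Optional[int]:
    """Smallest sample reaching the requested detection probability,
    or None when there is nothing to find."""
    if not 0.0 < confidence <= 1.0:
        raise ValueError("confidence must be in (0, 1]")
    if not 0 <= tampered <= lot_size:
        raise ValueError("tampered must be within 0..lot_size")
    if tampered == 0:
        return None
    p_miss = 1.0
    for n in range(1, lot_size + 1):
        p_miss *= (lot_size - tampered - (n - 1)) / (lot_size - (n - 1))
        if 1.0 - p_miss >= confidence:
            return n
    return None


if __name__ == "__main__":
    LOT = 100_000  # constructed shipment size, not a figure from the thread
    for tampered in (10, 100, 1_000, 10_000):
        p = detection_probability(LOT, tampered, 300)
        need = min_sample_size(LOT, tampered, 0.95)
        print(f"{tampered:>6} tampered: 300-unit audit catches it with p={p:.3f}; "
              f"95% confidence needs {need} units")
```

The output shows why sample size has to be set against the smallest tamper rate the buyer cares about: an audit sized for bulk tampering has little chance against a handful of altered units in the same lot.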


You need to know what you are looking for in a potentially hostile device. I really like the story about The Thing: https://en.m.wikipedia.org/wiki/The_Thing_(listening_device) You’ll never know what an opponent has discovered and is using to his advantage.


Interesting, but what is the source?


Has there been a single case where a backdoor by a state actor has been found in a chip?

I've often thought that if they were going to do it, we would have heard about it by now.


Earlier this year Bloomberg doubled down on its infamous 2018 "The Big Hack" story with "The Long Hack", https://www.bloomberg.com/features/2021-supermicro (Oddly it seems to have snuck under everybody's radar, including on HN.)

In The Long Hack they not only reiterate the same claim regarding SuperMicro motherboards, they reference a 2010 criminal case involving counterfeit Cisco hardware in which a witness (Marine Staff Sergeant on active duty at the time, thus speaking for the military) discussed supposedly chipped IBM-branded Lenovo-built laptops sent to the military circa 2008. (The counterfeit Cisco hardware case itself seems a less interesting example as it simply might have involved trojan'd firmware, which is sadly quite common.)


I wonder how easy these attacks are to control. The reason the great powers signed the Geneva protocols against poison gas use is that the gas was as likely or more to cause problems for the user as it was for the enemy. The same applies to biological agents.

Once you push parts into the supply chain you can’t really tell where they will end up.


>Once you push parts into the supply chain you can’t really tell where they will end up.

That's why I wonder if it wouldn't be a good, "broad spectrum" attack. I imagine aides to key Senators, Congressmen, White House staffers, C-suite people at defense contractors etc. buy all sorts of devices off Amazon, which they plug in without a second thought like the vast majority of us do. Obviously, 98% of the people plugging in the devices aren't valuable from a military/intelligence perspective, but even if only 1 in 10,000 targets was worthwhile, I imagine there would be a few that were goldmines of information.

On the other hand, I imagine if it was that sophisticated of an attack, the more devices you have randomly "in the wild" increases the chances it is discovered potentially, which could then nuke your whole operation. I remember in the Snowden docs, the NSA's TAO was sometimes intercepting orders for laptops etc. people placed online, carefully placing backdoors in it, then sealing it all perfectly back up and putting it back on track for delivery. It arrives and you think it's safe since it's factory sealed and you got it brand new from a reputable retailer. That's a more targeted example of the same concept.



