Pure Raw Power = Actel! but with a backdoor..

July 5, 2012

Sometime ago, a research done by US Military *suggested* that the Actel/Microsemi ProASIC3 chips with sophisticated encryption revealed a backdoor (not like the computer OS backdoor) being in the eye of the storm, China about this problem. Since the Chip is manufactured in that Country.
The ones who don’t know Actel, this is being used in many devices in differents areas. Funny fact this one is the most *common* to see in the scene, progskeet has one as TB. Any hardware flasher that needs some serious options to resolve certain problems, the best solution = Actel (low cost)

Problem is with so much power comes a bigger responsability and seems that Actel has a big, nice and not covered backdoor.
Just to quote something:

“The backdoor is only available on the actual silicon and is has not been detected in any firmware loaded onto the chip.
Traditionally, bugs or flaws in firmware are easily fixed with a patch. No fixes are available for the actual hardware of the chip or silicon which makes the group’s findings even more alarming since the devices are actively deployed in the field. Skorobogatov further states, “This permits a new and disturbing possibility of a large scale Stuxnet-type attack via a network or the Internet on the silicon itself. If the key is known, commands can be embedded into a worm to scan for JTAG, then to attack and reprogram the firmware remotely.” The only known fix would be to recall all chips in use for replacement, which is highly unlikely at this point.”

The chip has an unique KEY that if it get’s in the wrong hands can lead to a nice large scale problem. Someone knowing that UNIQUE key can do pretty much anything he wants. When the quote makes mention to Stuxnet = Stuxnet is a computer worm that attaches itself deep into a computer system (usually SCADA equipment) discovered in 2010 labeled as the 21th century trojan horse.

Here the thing get more complicated:

This (issue) has sparked much debate in the chip community and again raises the question as to why some of our highest security electronic devices are being made in a region that is widely known for stealing intellectual property rights (ring any bells?) and leading the trend in counterfeiting devices. Even if this case isn’t found to be designed with malicious intent, doesn’t this keep the door wide open for that to happen in the future?.

The chip is used by low cost and high and wide *options* that can offer. This catched my attention, in may some news portals posted about the risk of using this chip, someone halted on a boing 787 that with this backdoor problem that could allow the chip to be taken over via the internet.
The back door may have been inserted by Actel itself (they think but the opinions pretty much divided about who actually created that backdoor), whose ProASIC3 chip is used in medical, automotive, communications and consumer products, as well as military use.

What you think?.

Cyber Attack concern on 787 boing
Microsemi denies Chip Security

P.s: I know it’s not a PS3 news, but it’s related in some way.

Tweet this!Tweet this!

Previous post:

Next post: