"We're doomed, we're all doomed" - Private James Frazer
"Don't panic, don't panic!" - Corporal Jack Jones (This said as he panics)
It's interesting that most IT projects fail and the bigger they are, the more likely they will fail. Some of the posts re this and Google et all - I wonder if these will ultimately fail because no one can get their head round what's required. There is a likelihood that the snoops will just die under the weight of all that data.
Excuse me, there's a banging at the door....
This is not entirely new. In a similar, albeit not entirely related matter, chinese telecom manufacturers are not seen as reliable by some US legislators...
Don't know whether it happens or not, but there is no harm in being informed.
Sorry Rui, you're quite right. I still wonder however, if these people are as clever as they like to think they are - but through what they do, all sorts of bad things could happen...
IMO, the article should be in those newspapers where you see at supermarket checkouts ... together with gossip magazines.
If I say, "Easy to sabotage a dollar: just change the ink!" You may laugh. And that's why I laugh at this 'doping' crap.
Or, how about add a little bit of sand (read: silicon) to the semiconductor wafer? Or dial down the furnace temperature?
You don't have to do all thaaat to kill the million/multimillion dollar project (wafer runs and masks are extremely expensive). If you're that close to them, spit on it or just breathe on it (contaminating it). Voila! It's trash.
Even if an ordinary person sees a mask set, he/she probably would not know what it is, let alone creating a minor hidden change.
It might be easier to change/modify one digit of the government banknote. At least we know a note or a bank check looks like.
A brief and a very general description on semiconductor processing:
1. Cut to thin wafer of pure silicon.
2. Expose entire wafer to chemicals or chemical vapors to properly dope the pure silicon wafer to target properties.
3. Lay down first mask. Expose to chemicals again. Only the unmasked locales are affected by chemicals.
4. Repeat 3. several times to form transistors and components.
5. Lay down metal mask and expose to metalized vapor or chemicals. Exposed areas of the wafer form interconnects.
6. Repeat 5. several times to form multilayer interconnects.
7. More masks to finish and add protection layers to the wafer.
There are many more improved and/or proprietary processing methods and optical methods, ultraviolet, x-ray optical for examples. Electron beam direct write is another example.
It is like cooking an apple pie but in super hot furnace and in nano scale. Need teams of know-how people. Check and recheck. Cannot afford a single mistake. Yes, a single mistake. Sometimes ,a single mistake blows millions. And that's not important! It is weeks late!
So, you see? You don't have to go so sophisticated to 'dope and stuck a logic gate'. Just one guy drinks too much beer and makes ONE mistake. And that is enough. Just a 6-pack!
that said as full disclosure
i do not have a lot of faith in much of what bruce says
there are much worse things that are being done to chips
both by us
and presumably by foreign companies that our military buys chips from
i know that our IFF chips that we sell to other countries have a back door
so we can spoof them and also verify they are not trying to use them to spoof us
presumably there are many back door/trojans/scumware things that our security folks
are getting deliberately designed into chips both to hack us as well as the enemy (assuming there is a difference).
for all you know the old DES algorithm that presumably did not have a back door into it was secure,
but the chips that implemented it could have had one that told nsa how to decrypt that chips message.
fast forward and all bets are off. nsa/srv/mossad/whoever are all trying EVERY way to get access to ALL our content no matter how we try to hide it.
What I tried to say previously is that the original article tries to be hi-tech using technical words. Do it to attract attention.
The semiconductor processing steps are very delicate, easy to make mistakes, not to mention sabotage. But the whole thing has nothing to do with technology and semiconductor processing.
It has to do to with crying wolf and be heard. And to instill fear.
If followed the advice, every manufacturing step needs a political officer or security officer looking over the worker's shoulder ...
Are we going to make a baby step towards this 'goal', to create a vast security industry?
I agree with you, Rui, it's worrisome.
The tag line I took away from the article was "its a great example of the corrosive damage that the NSA has done to US cyber-security."
In the past there was always someone who questioned the US government's intentions with regard to security, but in general people didn't worry that much about it.
Now, however, with the Snowden revelations, I believe most people consider things out of control.
Big Brother truly is watching you.
Here are some suggestions from Bruce Schneier on How to Remain Secure Against the NSA: