NVIDIA To Begin Publishing Open GPU Documentation


  • Trust nothing, but video drivers are the hard way to backdoor Windoze machines

    Originally posted by dee. View Post
    Post-Snowden, we should all realize that we can't trust any legal safeguards in these kinds of matters, at least for US-based companies (and probably also at least UK, Sweden and Canada). We already know that NSA can give secret orders to companies to install backdoors to their products, and then order them not to disclose this to anyone. It's a full-on totalitarian society. They already did this to most proprietary encryption software.

    No, the only guarantee is total openness of all system-level code. We can't trust the law to protect us from totalitarian spying.



    Like I said, it's not a matter of Nvidia's motives. They may not have any choice in the matter.
    I've given some thought to the danger of NSA spyware in video drivers and/or firmware, and here's my conclusion: It's not impossible, but if they could spy on all the Windows boxes via the video driver (or the CPU firmware, etc.) then why bother also putting the backdoors into Windows and closed encryption products they've been caught with? If you have keylogging on any targeted machine, you don't need to take extra chances of discovery by putting additional spyware into Bitlocker and other commercial encryption products. The backdoors on routers they are suspected of would be for metadata the computer never sees, and in case they want to spy on communications from secure computers used on insecure networks. In short, it's the router, not the video card, that you really can't trust.

    I don't use proprietary drivers, but I also figure those tiny AMD or NVIDIA firmware blobs would be the real hard way to insert a keylogger, given that the keyboard does not report to the video card during boot when I enter encryption passphrases. On a machine with a proprietary driver, I will only mount an encrypted device after boot from the console, only if X and the proprietary driver are not running at all. This way any spyware in the driver would not be running. Still, unless the spyware was designed to sleep unless "phoned from home," someone with Wireshark would find it by comparing packets with and without the driver, and with and without the firmware. Can you imagine what would happen to Nvidia if it got out their video driver was sending email passwords to an advertising server (or other adversary) and someone else's video driver did not? Surely they know that not only us, but commercial rivals will pick over those firmware blobs in hex editors looking for tasty tidbits? Biggest real-world dangers are wireless keyboards (they surely use weak keys, sometimes NO encryption) and weak passphrases, same as always.

    Still, there is a difference between securing a computer that might contain photos of windows being smashed at a raid on a globalization summit, and a computer used to communicate with the latest defector from the NSA. In the former case, the NSA won't reveal any backdoor not previously known, so a firmware backdoor would PROBABLY sit unactivated and unused. Hell, they would have probably let the Vail fire ($30 million in damage by the ELF to a controversial ski resort) go unsolved before they would have revealed PRISM in open court to get an arrest warrant. That's because PRISM probably cost more than all of Vail. For what the ELF was doing, a new computer bought out of town with cash, Windows never activated, used once only for the mission, then destroyed is probably security enough.

    On the other hand, if you are in fact handling "Top Secret" information from a defector in the NSA or the Pentagon, things change. A computer doing something that can alter the course of war or diplomacy needs to be 100% isolated from opponents of its user. Word is the machine used for the Snowden documents was bought new, never connected to any network, never activated Windows. I would guess this used Coreboot under DM-crypt under a stripped Linux distro with only the needed software, no firmware blobs, and no networking hardware installed. Any communications would require a separate computer, passing data by flash drives only. You only get one bite at THAT kind of apple, and at that level you use every possible layer of security against every threat you can dream up, compromising only if a proposed defense would make the mission impossible. You don't need to be able to run games or a 3D desktop on a machine used to handle the take from a mole inside the NSA!

    Comment
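The "compare packets with and without the driver" test in the post above, written out as a defender's script. This is an added example, not code from the thread or from NVIDIA or Nouveau: the two captures are constructed, and the record format (timestamp, protocol, src:port -> dst:port, bytes) is an assumption standing in for whatever a Wireshark conversation export or a conntrack dump gives you. It aggregates each capture by destination endpoint and reports every endpoint the driver-loaded capture talks to that the baseline never did.

```python
"""Differential network baseline: which destinations appear only when the
proprietary driver / firmware is loaded?

Added example for the Phoronix thread; not code from the thread, NVIDIA or
Nouveau.  The capture records below are constructed, and the record format
(timestamp proto src:port -> dst:port bytes) is an assumption standing in for
a Wireshark conversation export or a conntrack dump.
"""
from collections import defaultdict
from typing import Dict, List, NamedTuple, Set, Tuple

# Key for one destination: (protocol, destination IP, destination port).
Endpoint = Tuple[str, str, int]

# Constructed baseline: same box, free driver, no firmware blob.
BASELINE_CAPTURE = """\
2013-09-28T18:00:01 udp 192.168.1.23:53412 -> 192.168.1.1:53 72
2013-09-28T18:00:02 tcp 192.168.1.23:40112 -> 93.184.216.34:443 5120
2013-09-28T18:00:05 udp 192.168.1.23:123 -> 192.168.1.1:123 76
2013-09-28T18:00:09 tcp 192.168.1.23:40118 -> 93.184.216.34:443 2048
"""

# Constructed candidate: same box, same user actions, proprietary driver loaded.
DRIVER_LOADED_CAPTURE = """\
2013-09-28T19:00:01 udp 192.168.1.23:53420 -> 192.168.1.1:53 72
2013-09-28T19:00:02 tcp 192.168.1.23:40130 -> 93.184.216.34:443 5120
2013-09-28T19:00:04 tcp 192.168.1.23:40131 -> 198.51.100.7:8443 1432
2013-09-28T19:00:05 udp 192.168.1.23:123 -> 192.168.1.1:123 76
2013-09-28T19:00:44 tcp 192.168.1.23:40140 -> 198.51.100.7:8443 1432
"""


class Flow(NamedTuple):
    timestamp: str
    proto: str
    src: str
    dst_ip: str
    dst_port: int
    nbytes: int


def parse_line(line: str) -> Flow:
    """Parse one record of the assumed format into a Flow."""
    ts, proto, src, arrow, dst, nbytes = line.split()
    if arrow != "->":
        raise ValueError(f"unexpected record format: {line!r}")
    dst_ip, dst_port = dst.rsplit(":", 1)  # rsplit keeps IPv6 colons intact
    return Flow(ts, proto.lower(), src, dst_ip, int(dst_port), int(nbytes))


def parse_capture(text: str) -> List[Flow]:
    """Parse a whole capture, skipping blank and '#' comment lines."""
    return [parse_line(l) for l in text.splitlines() if l.strip() and not l.startswith("#")]


def endpoint_stats(flows: List[Flow]) -> Dict[Endpoint, Dict[str, int]]:
    """Aggregate flows by destination endpoint: flow count and total bytes."""
    stats: Dict[Endpoint, Dict[str, int]] = defaultdict(lambda: {"flows": 0, "bytes": 0})
    for f in flows:
        key = (f.proto, f.dst_ip, f.dst_port)
        stats[key]["flows"] += 1
        stats[key]["bytes"] += f.nbytes
    return dict(stats)


def new_endpoints(baseline: List[Flow], candidate: List[Flow]) -> Set[Endpoint]:
    """Endpoints contacted in the candidate capture but never in the baseline."""
    return set(endpoint_stats(candidate)) - set(endpoint_stats(baseline))


def differential_report(baseline: List[Flow], candidate: List[Flow]) -> Dict[Endpoint, Dict[str, int]]:
    """Flow/byte stats for every endpoint that is new relative to the baseline."""
    base = endpoint_stats(baseline)
    return {ep: s for ep, s in endpoint_stats(candidate).items() if ep not in base}


if __name__ == "__main__":
    baseline = parse_capture(BASELINE_CAPTURE)
    candidate = parse_capture(DRIVER_LOADED_CAPTURE)
    findings = differential_report(baseline, candidate)
    if not findings:
        print("no destinations unique to the driver-loaded capture")
    for (proto, ip, port), s in sorted(findings.items()):
        print(f"NEW {proto} {ip}:{port}  flows={s['flows']}  bytes={s['bytes']}")
```

Two caveats the post already implies: the baseline is only meaningful if it was captured under the same user actions as the candidate, otherwise every difference is noise; and, as the post itself says, a component that sleeps until triggered from outside produces no flows to diff, so an empty report is evidence of absence only for the behaviour you exercised.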


    • Originally posted by chrisb View Post
      Tunnel it over something innocuous, or use local wifi/lan/usb (depending on degree of compromise of target system/network/physicality).
      And no one's gonna find out eventually? Unlikely. Any admin worth his money will see something suspicious when the stuff passes through the routers.

      Note: I'm not talking about how to detect this on your own machine. I mean detecting it *in general* so that information comes out that this stuff even exists. For example, lots of people are infected and part of a botnet. But we *know* that botnets exist. The people infected might not know, but it's common knowledge that botnets exist. If hardware backdoors appear, it's a matter of time until their existence too becomes public knowledge.
      Last edited by RealNC; 09-28-2013, 06:20 PM.

      Comment


      • Originally posted by Ramiliez View Post
        You are talking about this?
        http://www.prisonplanet.com/secret-3...pc-access.html

        Every backdoor is a double-edged sword; in the case of a non-removable HW backdoor it would leave NSA computers vulnerable. Worth mentioning is the fact that nothing is manufactured in the USA anymore; just look at your Intel CPU.
        Yeah, that article is the biggest contradiction. Let's put backdoors on every bit of hardware, including our own. So if everything is so damn vulnerable, then why have security in the first place? How about the idea that your power supply is secretly also a network device. And that the very power going into your machine could also be another way in. Hah.

        Comment


        • Originally posted by b15hop View Post
          How about the idea that your power supply is secretly also a network device. And that the very power going into your machine could also be another way in. Hah.
          Sorry, but someone else has beaten you to the market with the same idea.

          Try to be faster next time.

          :-D

          Comment


          • Originally posted by Luke View Post
            I've given some thought to the danger of NSA spyware in video drivers and/or firmware, and here's my conclusion: It's not impossible, but if they could spy on all the Windows boxes via the video driver (or the CPU firmware, etc.) then why bother also putting the backdoors into Windows and closed encryption products they've been caught with? If you have keylogging on any targeted machine, you don't need to take extra chances of discovery by putting additional spyware into Bitlocker and other commercial encryption products. The backdoors on routers they are suspected of would be for metadata the computer never sees, and in case they want to spy on communications from secure computers used on insecure networks. In short, it's the router, not the video card, that you really can't trust.

            I don't use proprietary drivers, but I also figure those tiny AMD or NVIDIA firmware blobs would be the real hard way to insert a keylogger, given that the keyboard does not report to the video card during boot when I enter encryption passphrases. On a machine with a proprietary driver, I will only mount an encrypted device after boot from the console, only if X and the proprietary driver are not running at all. This way any spyware in the driver would not be running. Still, unless the spyware was designed to sleep unless "phoned from home," someone with Wireshark would find it by comparing packets with and without the driver, and with and without the firmware. Can you imagine what would happen to Nvidia if it got out their video driver was sending email passwords to an advertising server (or other adversary) and someone else's video driver did not? Surely they know that not only us, but commercial rivals will pick over those firmware blobs in hex editors looking for tasty tidbits? Biggest real-world dangers are wireless keyboards (they surely use weak keys, sometimes NO encryption) and weak passphrases, same as always.

            Still, there is a difference between securing a computer that might contain photos of windows being smashed at a raid on a globalization summit, and a computer used to communicate with the latest defector from the NSA. In the former case, the NSA won't reveal any backdoor not previously known, so a firmware backdoor would PROBABLY sit unactivated and unused. Hell, they would have probably let the Vail fire ($30 million in damage by the ELF to a controversial ski resort) go unsolved before they would have revealed PRISM in open court to get an arrest warrant. That's because PRISM probably cost more than all of Vail. For what the ELF was doing, a new computer bought out of town with cash, Windows never activated, used once only for the mission, then destroyed is probably security enough.

            On the other hand, if you are in fact handling "Top Secret" information from a defector in the NSA or the Pentagon, things change. A computer doing something that can alter the course of war or diplomacy needs to be 100% isolated from opponents of its user. Word is the machine used for the Snowden documents was bought new, never connected to any network, never activated Windows. I would guess this used Coreboot under DM-crypt under a stripped Linux distro with only the needed software, no firmware blobs, and no networking hardware installed. Any communications would require a separate computer, passing data by flash drives only. You only get one bite at THAT kind of apple, and at that level you use every possible layer of security against every threat you can dream up, compromising only if a proposed defense would make the mission impossible. You don't need to be able to run games or a 3D desktop on a machine used to handle the take from a mole inside the NSA!
            1. The Nvidia driver has a questionable approach to security, as was shown by the Nouveau devs, so they don't even need to bother with altering something; they'll just force NVIDIA to give them access to the source and they'll build something like Stuxnet.
            As I said before, the NSA has learned its lesson and has to avoid damaging the reputation of US products, so they will have to adopt the Stuxnet approach = build malware that exploits flawed security or bugs to give NVIDIA plausible deniability.
            Personally I think that hardware/firmware backdoors are used as a last resort or for penetration of high-value targets, not as general-purpose Big Data intelligence gathering. For those they're cooperating with Google, MS and so on. So this idea that you can capture how the NSA phones home is just dumb.

            Dunno, but that 3G radio approach sounds reasonable; who has an L-band jammer at home?

            Comment


            • Originally posted by RealNC View Post
              And no one's gonna find out eventually? Unlikely. Any admin worth his money will see something suspicious when the stuff passes through the routers.

              Note: I'm not talking about how to detect this on your own machine. I mean detecting it *in general* so that information comes out that this stuff even exists. For example, lots of people are infected and part of a botnet. But we *know* that botnets exist. The people infected might not know, but it's common knowledge that botnets exist. If hardware backdoors appear, it's a matter of time until their existence too becomes public knowledge.
              If there were a backdoor in vPro then it would likely only be used for targeted attacks, not random mass monitoring. So unless you were targeted in such an attack, and logged all traffic coming out of the PC, then no, you would never see it. And (like Stuxnet) the "backdoor" wouldn't be called a backdoor, it would officially be a "bug" that the NSA happened to find and exploit. Zero-power remote bugs were created about 70 years ago, I'm sure things have advanced since then, so no, it is not impossible. A buffer overflow in vPro microcode could enable remote upload of code, which could covertly communicate over the WiFi chip on an unassigned channel, or frequency hopping.

              Remember that Stuxnet had network command and control, and spread across local LANs of secured networks, and yet these crackshot admins didn't notice the odd network traffic at all, for years, until the authors released a version that accidentally spread across the open internet. It is entirely possible that they have even better exploits that they reserve for non-worm local only usage.

              Comment


              • Originally posted by DrYak View Post
                Sorry, but someone else has beaten you to the market with the same idea.

                Try to be faster next time.

                :-D
                Yes, the idea has been around for a long time.

                Comment
