What, Me Worry?
This is different from most of the stuff on this blog, but I just followed a Twitter link to an article at the University of Cambridge Computer Laboratory web site that deserves a little notice.
Maybe you have been following these developments more than I have. I am a bit of a geek, I once worked out public key encryption with pencil and paper to understand how it worked but I am no expert on security nor do I follow the news or freak out over every little thing.
But I did not like the sound of this paragraph in the middle of the page:
Claims were made by the intelligence agencies around the world, from MI5, NSA and IARPA, that silicon chips could be infected. We developed breakthrough silicon chip scanning technology to investigate these claims. We chose an American military chip that is highly secure with sophisticated encryption standard, manufactured in China. Our aim was to perform advanced code breaking and to see if there were any unexpected features on the chip. We scanned the silicon chip in an affordable time and found a previously unknown backdoor inserted by the manufacturer. This backdoor has a key, which we were able to extract. If you use this key you can disable the chip or reprogram it at will, even if locked by the user with their own key. This particular chip is prevalent in many systems from weapons, nuclear power plants to public transport. In other words, this backdoor access could be turned into an advanced Stuxnet weapon to attack potentially millions of systems. The scale and range of possible attacks has huge implications for National Security and public infrastructure.So the US bought microchips from China to use in our most sensitive military and industrial applications, and China put a feature on the chip that will allow them to disable or reprogram our weapons, nuclear power plants, and public transportation systems.
Aw, probably no big deal.