Tuesday, August 26, 2014

NSA Announces Secure Guidance Program - FPGAs

 This program works to develop Secure Implementation Guides (SIGs) to help explain the unique implementation of the numerous Security Features within each vendor’s product family.

The Microsemi SmartFusion2 SoC and IGLOO2 FPGA product families have completed the U.S. National Security Agency (NSA) Information Assurance Directorate (IAD) Secure Implementation Guidelines (SIG) document.
SmartFusion2 SoC FPGAs integrate flash-based FPGA fabric, a 166 MHz ARM Cortex-M3 processor, advanced security processing accelerators, DSP blocks, SRAM, eNVM and industry-required high performance communication interfaces on one chip.

Friday, August 22, 2014

How to use OpenPGP to encrypt your email messages and files in the cloud

 While OpenPGP isn’t quite “set it and forget it” technology, it is very effective—so effective, in fact, that instead of trying to crack the encryption, some government agencies have resorted to issuing subpoenas for private keys and passwords.
While this tutorial doesn’t provide you with an NSA-defeating level of protection (you still have much to learn, grasshopper), you now have the basics for keeping your information private from most casual attacks.
99% BAD HARDWARE WEEK: What use of  weak encryption at all ?

Wednesday, August 20, 2014

USB 3.0 Promoter Group Announces USB Type-C Connector

The USB Type-C connector is a major breakthrough that combines 10 Gbps high-speed
communication with charging capability scalable upto 100W, while consolidating numerous
cables into one robust, unique cable with reversible plug orientation and cable direction that
significantly improves the user experience

99% BAD HARDWARE WEEK: Apple's patent on July 24, 2014 is given here.

Saturday, August 16, 2014

FBI's Meta errors

 "We found that the FBI's corrective measures have not completely eliminated potential intelligence violations resulting from typographical errors in the identification of a telephone number, email address, or social security number in an NSL," the report reads. "These typographical errors cause the FBI to request and, in some instances receive, the information of someone other than the intended target of the NSL."

Black Hat: More Internet-Scale Bugs Are Likely Lurking

A survey of software libraries used in many companies’ products suggests we may see more incidents like the Heartbleed bug.

Free: This tool can make 15nm mask for your chip

Free: This tool can make 15nm mask for your chip
They issued FreePDK45 in 2007 to facilitate design at the 45 nm scale. That software was used for educational purposes at hundreds of institutions, and was cited in more than 200 scholarly papers.

Friday, August 15, 2014

Why Every Chip Can Be Hacked With This Tool

Focused ion beam technology is an ingenious technique, developed as a tool to aid in the development, manufacturing, and reworking of chips. But it also can be used to hack them

Wednesday, August 13, 2014

Meet MonsterMind, the NSA Bot That Could Wage Cyberwar Autonomously

Blaze says the algorithm scanning system Snowden describes sounds similar to the government’s recent Einstein 2 (.pdf) and Einstein 3 (.pdf) programs, which use network sensors to identify malicious attacks aimed at U.S. government systems. If that system were secretly being extended to cover all U.S. systems, without public debate, that would be a concern.

Tuesday, August 12, 2014

Intel's first 7 nm node only in 2020

Moore's law is not dead still, but is deadly slow.
Bob Colwell, Intel: “For planning horizons, I pick 2020 as the earliest date we could call [Moore's law] dead,” Colwell said. “You could talk me into 2022, but whether it will come at 7 or 5nm, it’s a big deal.”
99% BAD HARDWARE WEEK:  Moore is dead in 2022, at 5nm.

Wednesday, August 06, 2014

World's famous selfie refuses to be removed

Wikimedia, the non-profit organisation behind Wikipedia, has refused a photographer’s repeated requests to stop distributing his most famous shot for free – because a monkey pressed the shutter button and should own the copyright
99% BAD HARDWARE WEEK: Mon(k)ey business everywhere, as usual.

Sunday, August 03, 2014

Rock's Law now rocks: Why Moore's law effectively failed at Intel's 14nm ?

99% BAD HARDWARE WEEK: We should have by now Intel's 4+B processors. But even possible,  those transistors should be dark due to physically limited power consumption. 22 nm node was a tipping point.
 After that, chip manufacturing costs were rising faster than the number of transistors on chip.
Though Barnum circus style marketed around for a while, Intel's 14 nm process is actually only process improvement, not a real shrunk node. Process benefits on chip's high performance are neglectible. However, in low power consumption version effects are somewhat better. 30 years after 386  processor introduction in 1,5 micron and 100 times smaller node at 14nm, seeems that shrinking magic definitely failed. ALAS, NO MORE FREE BIG CHIP LUNCH FOR CONSUMERS.

Friday, August 01, 2014


Security researcher Arrigo Triulzi. Nothing of Bad Hardware is science fiction taken individually, but we have not seen it in the wild ever.       Well, what about Natanz nuclear facility ?

Triulzi said he's seen plenty of firmware-targeting malware in the laboratory. A client of his once infected the UEFI-based BIOS of his Mac laptop as part of an experiment. Five years ago, Triulzi himself developed proof-of-concept malware that stealthily infected the network interface controllers that sit on a computer motherboard and provide the Ethernet jack that connects the machine to a network. His research built off of work by John Heasman that demonstrated how to plant hard-to-detect malware known as a rootkit in a computer's peripheral component interconnect, the Intel-developed connection that attaches hardware devices to a CPU.

Vendors of newer P C I c a r ds often provide tools that c a n be use  to f l a s h the c a r d  f rom within W i ndows ( provided t h e user has administrative privilege )

BadBIOS or BadUEFI ?, the mysterious Mac and PC malware

BadBIOS, the mysterious Mac and PC malware
His network transmitted data specific to the Internet's next-generation IPv6 networking protocol, even from computers that were supposed to have IPv6 completely disabled.  Further investigation soon showed that the list of affected operating systems also included multiple variants of Windows and Linux.

"We had an air-gapped computer that just had its [firmware] BIOS reflashed, a fresh disk drive installed, and zero data on it, installed from a Windows system CD," Ruiu said. "At one point, we were editing some of the components and our registry editor got disabled. It was like: wait a minute, how can that happen? How can the machine react and attack the software that we're using to attack it? This is an air-gapped machine and all of a sudden the search function in the registry editor stopped working when we were using it to search for their keys."
99% BAD HARDWARE WEEK: Well this is obviously UEFI based malware. It has IPv6 wake up and thus understanding of this protocol. Other undetectable air-gap bridging gremlins are the same as for BIOS.

This page is powered by Blogger. Isn't yours?