Sign in / up

back to article Marvell disputes claim Cavium backdoored chips for Uncle Sam

Cavium, a maker of semiconductors acquired in 2018 by Marvell, was allegedly identified in documents leaked in 2013 by Edward Snowden as a vendor of semiconductors backdoored for US intelligence. Marvell denies it or Cavium placed backdoors in products at the behest of the US government. The allegations surfaced in the PhD …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Anonymous Coward
    Big Brother

    Motherboards containing spy chips

    elReg: “allegations that surfaced in 2018 about Supermicro server motherboards containing spy chips

    There were cases where equipment was chipped on the way from the manufacturer to the client. Possibly explains there being unoccupied space already tracked and pinned on the motherboard,

    0 8 Reply
    1. Mishak Silver badge
      Reply Icon

      "unoccupied space already tracked"

      Whilst it is possible that could be used to add some "spy stuff", it is more likely to indicate that the board is simply a cost-reduced variant of another build.

      5 0 Reply
    2. IGotOut Silver badge
      Reply Icon

      Re: Motherboards containing spy chips

      Just like the blank panels on a car dashboard so they can add government tracking switches hardware.

      Or its simply for other variants of the car.

      2 0 Reply
    3. Stuart Castle
      Reply Icon

      Re: Motherboards containing spy chips

      One other possible explanation is that they removed one or more circuits or traces, as part of the normal updating of motherboard designs. Maybe the new way was cheaper, or more reliable.

      0 0 Reply
  2. sitta_europea Silver badge

    If I had a secret that really needed to be recorded, absolutely the last thing I'd use to record it would be an electronic device.

    2 0 Reply
  3. Erik Beall

    Fault injection is still a big problem with even new systems. There are ways of hardening then and certain vendors tend to be better. If cracker services advertise a long list of micros they can crack and omit some popular series that's been around a few years, that's a really good sign the vendor took care with it, although it's not a guarantee. For example, several of the STM32 series are and some aren't (stm32F4, at least when I last looked ~2 yrs ago) advertised as crackable for a hundred bucks, while a huge range of PICs are. It's well known enough manufacturs should do better, yet for example several of the newest nvidia jetsons secure boot process were recently found to be susceptible.

    1 0 Reply
  4. John Klos

    Not necessarily willing participation

    Notice the phrasing: "SIGINT enabled CPU". This doesn't necessarily mean that Cavium directly participated. It could just as easily be explained by Cavium implementing something incorrectly, or implementing the wrong thing (Dual_EC_DRBG), and the NSA had confirmed that anything using those built-in CPU features is exploitable by them.

    0 0 Reply
  5. Anonymous Coward
    Anonymous Coward

    The better question to Marvell would have been "Which judge signed the national security letter in your files?"

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like