back to article China’s infosec leads accuse Intel of NSA backdoor, cite chip security flaws

A Chinese industry group has accused Intel of backdooring its CPUs, in addition to other questionable security practices while calling for an investigation into the chipmaker, claiming its products pose "serious risks to national security." The Cybersecurity Association of China (CSAC), in a lengthy post on its WeChat account …

  1. VoiceOfTruth

    Cue the deafening silence

    If this is proven, what will be the response of the UK government? Silence? Ignore it and carry on as usual?

    It was notable that Huawei was subject to 'national security checks', while Intel and Cisco and every other US company is extended a welcoming hand.

    1. Tom Chiverton 1 Silver badge

      Re: Cue the deafening silence

      Sounds like over the top pandering about the Management Engine. Nothing new here...

    2. Anonymous Coward
      Anonymous Coward

      Re: Cue the deafening silence

      If?

    3. Anonymous Coward
      Anonymous Coward

      Re: Cue the deafening silence

      VoiceOfTruth - we haven't seen this troll account for a while. Only 4 posts in 2024, obviously the ₽ doesn't go a far as it used to.

      1. Claptrap314 Silver badge

        Re: Cue the deafening silence

        Thank you. VoT is a notorious sock puppet, probably Russian.

  2. Anonymous Coward
    Anonymous Coward

    AMD, Apple, Snapdragon.........

    ....I think we should be told!!

    ....and yes....I can believe that the NSA and/or NIST have "persuaded" Intel to perform un-natural acts.

    ....after all, they succeeded (big time!) with Cisco!!

    ....oh....I wonder how much Cisco kit there is in China.....

    1. DoContra
      Black Helicopters

      Re: AMD, Apple, Snapdragon.........

      ....oh....I wonder how much Cisco kit there is in China.....

      My gut feeling is very little (given how hard 5 eyes hammered Huawei/ZTE/Zyxel in the telco equipment space), but I can't discuss "private" companies buying cheap-as-chips used/refurbished western networking equipment.

  3. DoContra
    Megaphone

    Regardless of the veracity of the allegations...

    ...this will be used to either extortobtain some steep discounts from western providers ("nice sales you have here; would be a shame if your product were to be ZTEd into oblivion"), or to justify a pivot into 100% organic, home-grown, BPA free silicon (with popular support to understand/eat the pain/fallout of said transition). As someone in South America, can't really blame China for foraying into either of these options.

    1. Blazde Silver badge

      Re: Regardless of the veracity of the allegations...

      This. They finally have reasonable home-grown silicon, the KX-7000, various I/O systems and other tech hastily motivated by Western sanctions and all it needs is a good ramp up in demand to keep the investment flowing in. Why not a well-timed FUD campaign that would have sounded plausible at any point over the last 10 years but hasn't been beneficial until now.

      1. thames

        Re: Regardless of the veracity of the allegations...

        I think the focus is more on RISC-V and Loongson rather than x86 clones. The only reason to use x86 is either for Windows compatibility or to use commodity hardware designed to run. Windows is just as problematic or even more so when it comes to US back doors so plans are to phase it out as well (this is already well under way).

        Current policy in China is to phase out both x86 and Windows in all government and critical infrastructure use and replace them with RISC-V or Loonson and Linux. This is for a combination of security and to simply get away from all the massive delays and pointless paperwork and expense associated with dealing with American companies and their US sanctions compliance bureaucracy. Private industry and the consumer market are expected to follow once the economies of scale that comes from supplying the government market ramp up.

        Europe (EU) and India are going the same way, although they aren't as far along. With both of these it's driven by a desire to get away from increasing US control and also to help develop their own technology industries. There has long been an entire industry in Europe based around making and selling high tech kit that is certified free of US content in order to avoid dealing with US bureaucracy on re-export of goods which would otherwise include US content as one or more of its components.

        1. Blazde Silver badge

          Re: Regardless of the veracity of the allegations...

          Fair point, but x86 won't disappear anytime soon in mainstream China outside those critical uses. The problem they have right now is that x86's key appeal is sheer per-core performance, and their home-grown clones are struggling to get to where AMD & Intel are on that. But with more time, investment, growing market share, (and maaybe the odd stolen blueprint) they could easily start exporting their x86. The value in that is bigger than just clearing US tech from critical infrastructure.

  4. Clausewitz4.0 Bronze badge
    Devil

    Sounds plausible - Microcode

    Sounds plausible. Who can understand Intel's Microcode? Could it be open? Sure won't happen anytime soon...

    1. david 12 Silver badge

      Re: Sounds plausible - Microcode

      If they had any actual new information, they would release it. They don't, and didn't.

  5. FILE_ID.DIZ
    Trollface

    No shit sherlock...

    major defects in product quality and security management show its extremely irresponsible attitude towards customers

    Intel has many published vulnerabilities and other issues, both in hardware and in software. Between all the side-channel vulnerabilities and enclave vulnerabilities, one wonders if China's looking at this not through the lens of Hanlon's razor.

    And speaking to "irresponsible attitude towards customers", one only has to look as far back as to the differences (if you can really find any) between 13th and 14th gen processors at the consumer level...

  6. IGotOut Silver badge

    In before the USA go...

    .....but, but, but.

    This is EXACTLY what the USA did with Huewai.

    "There are backdoors and deliberate security flaws"

    "Can you prove it?"

    "Look man, there are...trust us...we can't prove it, you just got to trust us."

    Bit like...

    "Oh btw Iraq...they have sooooo many WMD's"

  7. pavlecom
    IT Angle

    .. flashback

    "The idea of the NSA putting hardware in every computer sounds absurd, until you realize it actually happened.

    .. Intel has been including a tiny little microcontroller inside their CPUs."

    #Flashback #NSA #Intel

    https://hackaday.com/2017/12/11/what-you-need-to-know-about-the-intel-management-engine/

    1. Casca Silver badge

      Re: .. flashback

      Good china troll

  8. Groo The Wanderer

    I expect the NSA demanded those capabilities around 9/11. I was working in the US when it happened - the whole country became paranoid and afraid of everything.

    I've no reason to doubt that China, Russia, and the US all make such demands of their manufacturers. Even in the US, you're only as "free" as the authorities allow, despite the bullshit about "land of the free" from the most heavily policed nation in the world.

    1. Merrill

      The NSA proposed the Clipper Chip to provide backdoor access to communications. When that failed, they turned to exploits of the endpoints. This was in the early '90s before 9/11.

      1. Groo The Wanderer

        I forgot about Clipper. Yes, the fascists in government around the world have long dreamed of an intrusive spy network that tracks and analyses the behaviour of anybody and everybody as they go about their lives; they thing 1984 was a playbook and guide, not a warning.

  9. CA Dave
    FAIL

    This is all too convenient.

    Russia and China both have been caught with their hands in the US Election interference cookie jar. To come out NOW of all times to make these claims, with only 20 days remaining before Election Day, is highly suspect.

    Maybe they're just bent out of shape because China State-sponsored hackers have attempted numerous intrusions into our industrial and infrastructure systems. They then went looking into trying to drum up anything remotely possible simply to say "THEY DO IT TOO!", but since they actually haven't found anything yet, it's possible this is all just propaganda.

    I don't think Intel would hardly care if revenue from China would drop as a result anytime soon. I don't think the UK would seriously only red flag Huawei instead of US tech because they're quite fond of hammering Google just for advertising reasons. Furthermore while their own silicon tech could possibly experience homegrown boosts of investment, I think they're too far behind the curve to truly catch up to everyone else's tech even at current levels for a considerably long time. The bigger issues to consider would be impacts to other sources of materials, such as lithium and pharmaceutical ingredients for everyday medications - from a retaliatory aspect.

    Now while there's always a possibility the Management Engine - which if that's the true conduit - could have some "backdoor" into it, would simply disabling or in Device Manager interrupt it? Maybe the versions subject to "backdoor" were only the chips sent to China. Turnabout after all is fair play in the game of counterintelligence.

    Assuming any of it is true. XD

    1. pavlecom
      IT Angle

      Re: This is all too convenient.

      The US was running social media troll farms since 2010 with a $200 million per year program funding it.

      Deflection tactic meant to try to shift attention away from the leaks about the US' bot and troll farm programs.

      https://twitter.com/SteveGuest/status/1318169741131993088

      P.S. No, you can't switch off Intel ME, read hackaday link above.

  10. totosh

    Known in France

    It’s been awhile now that in France, especially for government computers from Intel, this kind of micro codes are being erased before being put into use

  11. druck Silver badge

    Late to the party

    I'm surprised China has taken this long to find out about the IME, it's existence hasn't exactly been kept a secret, and we haven't been anything but vocal about our dislike of the concept.

  12. handle handle

    It wasn't that many years ago that Bloomberg was publishing stories about Chinese factories putting little microdot chips on SMC motherboard which forwarded copies of all Ethernet packets back to Chinese interference agencies.

    1. Claptrap314 Silver badge

      Yes, if you look up those stories, and the associated response, you would know that the response by the entire industry was, "Hahahahahahahaha!" followed by "Hmm, I wonder who pushed this idiotic claim, and why..."

  13. Rgordon

    Been saying this for decades.

    Apple, Microsoft.... easiest way to tell, is when a zero day appears and they nuke it elegantly in less time than it would take to read through the code fix. Either way, nothing will come from this.

    There's always some country or another, claiming that the Americans hacked them with backdoors given to them. Since the mid-2000s at least. And i do hope the Chinese post up some emails they hacked showing Verizon let's the NSA eavesdrop on everyone. And everyone in the west will just shrug and sayy we've definitely known that's a thing, why do you think there's a million words for weed...

  14. John Klos

    "in a lengthy post on its WeChat account"

    This in no way makes their claims less valid - Intel certainly has backdoors - but "in a lengthy post on its WeChat account" doesn't exactly instill the kind of authority one looks for in a proper security discussion. Is a TikTok video next?

  15. mcswell

    In hardware?

    If there's a hardware back door, then find it and disable it for crying out loud. Or use it yourself, China.

  16. BartyFartsLast Silver badge

    Nice.

    And how many backdoors into the home grown Chinese silicon have the Chinese security services got?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like