Do Personal Computers Come With NSA Surveillance Devices Built-In As Standard?
from the tinfoil-hat dept
As Techdirt reported last year, one of the most bizarre episodes in the unfolding story of the Snowden leaks was when two experts from the UK's GCHQ oversaw the destruction of the Guardian's computers that held material provided by Snowden. As everyone -- including the Guardian's editor Alan Rusbridger -- pointed out, this was a particularly pointless act since copies of the documents were held elsewhere, outside the UK. The only possible explanation seemed to be that the UK government was trying to put the frighteners on the Guardian, and engaged in this piece of theater to ram the point home. But a fascinating blog post from Privacy International raises the possibility that there is another far more disturbing explanation:
GCHQ were not just interested in hard drives nor did they destroy whole devices. An examination of the targeted hardware by Privacy International, with cooperation from the Guardian, has found the whole episode to be more troubling and puzzling than previously believed.
In other words, GCHQ weren't trying to destroy the data -- which they, like everyone else, knew was completely futile. They were interested in "apparently trivial chips on the main boards of laptops and desktops." Specifically, these were the keyboard controller chip, the trackpad controller chip and the inverting converter chip. Privacy International provides more details:
During our investigation, we were surprised to learn that a few very specific components on devices, such as the keyboard, trackpad and monitor, were targeted along with apparently trivial chips on the main boards of laptops and desktops. Initial consultation with members of the technology community supported our identification of the components and that the actions of GCHQ were worth analyzing further.
From our analysis, we believe the targeted component of the keyboard is the keyboard encoder responsible for communicating over the USB and interpreting key presses on its various I/O pins.
...
We believe the targeted [trackpad] component is a serial flash chip that may perform a similar function to the keyboard controller also targeted. It is noteworthy that the device in question uses the controller board on the trackpad to also connect the keyboard to the main device.
...
The final component is an inverting converter, again used on the Apple MacBook Air systems.
Just over a year ago, only the most paranoid would have worried about the fact that the GCHQ sent two people to destroy these seemingly trivial components. But in the wake of Snowden's revelations about the astonishing range of technologies that the NSA has developed in order to infiltrate hardware systems -- things like radio transmitters built into USB leads -- the GCHQ's actions immediately raise a troubling thought: that most or all mainstream computers routinely contain various components that can be used to spy on us. As Privacy International concludes:
We will continue to explore the rest of the chips destroyed by GCHQ. We welcome any thoughts from individuals who have an understanding of these components and what their storage capabilities are, and for what purposes. We hope to achieve some much needed transparency about what our devices do and how the unseen components on the inside might betray our privacy.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Filed Under: alan rusbridger, computers, destruction, gchq, inverting controller chip, keyboard controller chip, surveillance, trackpad controller chip
Companies: privacy international
Reader Comments
Re:
You see... people should always pay attention to the tinfoil hatters... why?
Because there should only be 1 default position that should be taken when viewing the Government... any Government!
One of DISTRUST... if you trust your government, then please do the world a favor and end your public participation in elections as you are no longer fit to vote with any degree of intellectual capacity.
Citizens: innocent until proven guilty
Government: guilty until proven innocent
[ link to this | view in chronology ]
Re: Re:
So, Bush is a lizard alien from outer space who also orchestrated 9/11. The government is trying to control our minds with contrails, radio waves, and deodorant. Cell phones do cause cancer. Microwaves cause cancer. Power lines cause cancer. Moonlight causes cancer. Vaccines cause autism. We never went to the Moon. Feel free to chime in, I'm sure I've missed quite a few.
Basically I'm saying that the Tinfoil hatters get it wrong far more often than they get it right. Bring us proof, bring us facts and we will believe, as has been proven with the Snowden documents.
[ link to this | view in chronology ]
Re: Re: Re:
Anything can be disproved if you only pay attention to the exceptions.
Paying attention should always be done... just long enough to hear them out. Paying attention does not mean you need to drink the Kool-Aid. However, ignoring them could get you a nice sting in the back, not from them necessarily, but from those they warned you against.
Bush being a lizard alien from space? Okay, probably safe to ignore.
Bush Orchestrated 9/11? After being in office only a few months... hard to believe on top of all the people that would be needed to keep that secret. However, just because they didn't cause it, does not mean some coverup was not going on to protect arses, ya know the type of activity that builds suspicion. There is a reason to at least look, if for nothing else than to help reduce corruption and bullshit.
Microwaves/Powerlines causing cancer: (Worth the research, regardless of True/False)
Look how long it took to finally make it public how nasty Tylenol is on the liver.
Vaccines cause autism? I am sure this has happened but would be an edge case. Medicine causes all sorts of shit to happen to the body. Vaccination effectiveness has already proven its value, but if we can still improve it, then why not try? Even if surrounded by crazy people.
Not sure how many you have missed, but the default ignore mode many seem to have is why this nation is in the pile of shit we keep getting into.
Maybe you could instead look at all of the time tinfoil hatters were right, or do you have that foolish blind trust in government and people that many do?
[ link to this | view in chronology ]
Re: Re: Re: Re:
The tinfoil hatters that originally claimed the government was watching everything you do on your computer had no proof. No proof or logic means they pulled that claim out of their asses. Just because the government has been proven to be doing something similar does not change the origin of the original claim, it does not mean they were right.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
Because our government is surely made from superior beings who would all make excellent benevolent dictators in case we were not living in a constitutional republic where the reigning duopoly is getting approval rates like the Sozialistische Einheitspartei Deutschlands running the Stasi did. And the bit of pseudo-democracy people may exercise in order to keep the wool over their eyes has been rigged to keep it that way.
History would have quite a few counterexamples to the "this could not happen as we're the good guys" thesis, but then history was not able to rely on the morally superior race Americans have been created from, people who had to leave Europe because the lesser beings there could not abide their moral superiority.
Tinfoil hatters, all of them, who doubt that Americans are better than everybody in history.
Get real. If you've been given eggs, make omelettes.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
I don't think it's incidental. Now anyone who doesn't believe the official story is labeled a conspiracy theorist (correctly), which means most people discredit him without listening or considering what he actually says.
Look how it turned out in case of the NSA.
[ link to this | view in chronology ]
Re: Re: Re: Re:
It's remarkable that spontaneous combustion of humans isn't a day to day occurrence, I guess the net hasn't gotten around to that yet.
[ link to this | view in chronology ]
Re: Re: Re: Biological Effects of microwave radiation
One of the best brain surgeons in Australia makes it a point Not to use mobile phones near his own head based on the patients he has to deal with.
So make of it what you may.
Lizard aliens from outer space, I don't know about that, but we did have a lecturer that was unaffectionately known as "the lizard man" or Dr Lizard for his appearance and manner. Mind you we also had a lecturer affectionately known as Dr Death for his lecturing style (perfect monotone - completely unexpressive like a cadaver).
[ link to this | view in chronology ]
Re: Re: Re: Re: Biological Effects of microwave radiation
Well he is obviously an idiot. If microwave radiation from mobile phones caused cancer there would be an extremely high rate of cancer in the right hemisphere of the brain which there is not. Simple logic defeats the argument, should he really be operating on brains?
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Biological Effects of microwave radiation
The whole point is that we actually do not know what are the limits and what are the indicators of susceptibility. Some people react badly to particular medicines while others are beneficially affected and others still for which the medicines have no effect at all.
The problem today is that the research methodologies in use are somewhat lacking in extensiveness. Many years ago, I was reading a research paper produced in relation to overhead power lines and lensing of solar radiation (you know one of those wacko beliefs out there). During the test period, the engineering researchers found no such lensing effects. However, at the conclusion of the tests and experiments, as they were packing up, one member picked up one of the test devices, which had not been powered down, and turned 90 degrees as he did so. He noticed that the readings on the test device jumped up from 0 to a significant value. This led the team to restart some of the tests and they reported finding that there was a polarisation of radiation found and surprisingly an actual lensing effect was observed.
They concluded that further tests should be undertaken to determine the exact processes occurring.
The observation I have made over the years is that extensive unbiased tests have not been undertaken. Both sides of the argument need to come together to determine the range of effects and the range of susceptibilities that can occur.
YMMV
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Biological Effects of microwave radiation
How would he know? The point is that no matter how awesome his medical credentials, he can't know something without research to back it up, and no legit research backs that up.
"The problem today is that the research methodologies in use are somewhat lacking in extensiveness."
No, that's not a problem. There have been multiple large-scale, long-term studies.
[ link to this | view in chronology ]
apes
[ link to this | view in chronology ]
Re:
My 92 year old grandfather would have died middle aged if he weren't a tinfoil hat with his fear of asbestos, before it was proven to be dangerous.
He worked in a career that required someone to use it, and the company paid bonus money to whoever used it. My grandfather never took the bonus money despite being poor, his brother always took the bonus money. His brother died middle aged of asbestos related illness.
[ link to this | view in chronology ]
Re: Re:
Even a broken watch is right 2x a day.
[ link to this | view in chronology ]
Re: Re: Re: Re:
Being right twice a day doesn't matter if you don't know when it is right.
[ link to this | view in chronology ]
Typo
[ link to this | view in chronology ]
Re: Re: Typo
It's clearly all an Illuminati front.
/semi-s
[ link to this | view in chronology ]
That'd be more interesting than the chips themselves...
[ link to this | view in chronology ]
yay hidden taxation!
[ link to this | view in chronology ]
what's the n?
[ link to this | view in chronology ]
Re: what's the n?
YES. They're a wookie. Look over there !!! Meanwhile the real backdoor is elsewhere.
Right now someone(s) in GCHQ is(are) giggling.
[ link to this | view in chronology ]
Re: what's the n?
Replacing the ICs with ones that look the same but behave differently would have disastrous effects on the software drivers that run the devices.
Add in to this the fact that each mainboard will have completely different chipsets based on model (not manufacturer) means that GCHQ would need a large FAB and all the production files for the chips and sufficient time to produce a run of each IC. Basically it is far easier and efficient to install spyware (most PCs come preloaded with the worst NSA friendly spyware anyway).
[ link to this | view in chronology ]
The interdiction explanation would make more sense? Putting the bug on every single model would increase risk of discovery of secret bugging tech.
[ link to this | view in chronology ]
Re:
Modern hardware, such as what we're talking about here, isn't strictly "hardware" - it also contains software or firmware. I don't have specs, but they could be talking about EEPROM chips - a type of reprogrammable chips that can be updated with a different version of firmware. http://en.wikipedia.org/wiki/EEPROM
Why would that matter here? I can see 2 reasons. 1) They had somehow compromised those systems and were concerned about being found out. 2) They wanted to force purchase/replacement of new devices that could be compromised. #2 becomes more likely when you think about the recent revelations of intercepting shipments and bugging them.
[ link to this | view in chronology ]
Re:
Once the laptop was revealed to have been used to transport/view the sensitive documents, the GCHQ and NSA needed to make sure it was destroyed lest some other agency, government, or otherwise nefarious character could obtain and/or extract information that may have been captured by the specific chips they targeted.
IOW, protecting their ass - they probably felt those specific chips *could* have been compromised, so best destroy them to be safe.
Should just nuke it from orbit, it's the only way to be sure.
[ link to this | view in chronology ]
Re: Re:
You know how people in government weren't allowed to read the published Snowden documents because they were technically still classified, and they weren't allowed to have classified material on an insufficiently protected device?
Maybe it's something similar here. They couldn't leave classified documents on a rather insecure government tracking device, so regulations said they had to go destroy the device.
[ link to this | view in chronology ]
Re: Re:
In that case, destroy ALL the chips.
I'm increasingly of the opinion that these have known vulnerabilities, and specifically that they may be logging something.
[ link to this | view in chronology ]
I kept wondering about what would be the purpose here. If the destruction of such key components is confirmed it could mean that they were somehow compromised and used to get info from the computer. If not it could mean they contained info that would be extracted later. Damned if destroyed, damned if not destroyed. And given that the most wild conspiracy theories have been proven right regularly lately... Well, shit.
[ link to this | view in chronology ]
Personal Computers Come With NSA Surveillance Devices Built-In
[ link to this | view in chronology ]
Re: Personal Computers Come With NSA Surveillance Devices Built-In
It's possible, but unlikely. The cost of the chips would double or triple. These factories make their money from selling massive amounts of chips with low margin. They wouldn't be able to pay for the extra parts needed, or be able to afford making the original part that much smaller.
[ link to this | view in chronology ]
Re: Re: Re: Personal Computers Come With NSA Surveillance Devices Built-In
Indeed, maybe they were, as you say, taking advantage of someone else's secret work. But what they wanted to do was look at the secret keylogger data in some inexpensive chip to see what else had been typed by the PC's owner. Tinfoil Hat: Maybe there is some non obvious, secret way to get some fifty cent chip to cough up this secretly recorded data.
[ link to this | view in chronology ]
Stuck in Shanghai
I'm nobody important, but it seems pretty easy for every government to divert and tamper with stuff. Too easy.
[ link to this | view in chronology ]
Re: Stuck in Shanghai
It is easy small-scale, but as an operation like that scaled up, it would be prohibitively expensive for most countries pretty quickly. It's one thing to hide it in the US budget, but I think many countries would find it difficult to intercept packages indiscriminately to modify the contents.
[ link to this | view in chronology ]
people bring their store-bought computers to you, and you remove/replace until they are clean. worth as much as a computer in my book, though my book doesn't have that many pages.
[ link to this | view in chronology ]
Re:
As far as we know, the 'Joker has tainted hundreds of chemicals at the source...'. There are some components that really have a small number of manufacturers.
[ link to this | view in chronology ]
Re:
Anyone who publicly advertises services to paranoid people who are afraid of being spied on is sure to be targeted first.
I'm certain any components you obtain for replacing are going to be specifically tainted just to be sure all your customers are being tracked.
You'd be doing the spy agencies a huge favor by identifying the people they need to target and fiddling with their equipment for them.
[ link to this | view in chronology ]
Re: Re:
So people who like their privacy are automatically people the spies need to target? Yeah, that does sound like spy-think.
[ link to this | view in chronology ]
Re:
Maybe what they really were doing was to see what else had been typed on that computer. Maybe fishing for some evidence of a trumped up crime?
[ link to this | view in chronology ]
However, we already have the precedent of phone companies being forced to turn over their call data for their entire customer base, on an ongoing basis, while also being told they had to keep it secret.
Once the government starts going down the road of secretly telling companies what they have to do, it's hard to say that they haven't gone further down it. Who's to say they never told components manufacturers that they had to include one particular extra chip in their devices, and that they had to keep it secret? Maybe FISA approved it with the provision that they could only "target" foreigners or terrorists, even as it was collecting information from every newer computer on the planet.
Of course, I don't think it's quite on that scale. If every device was compromised, someone would notice - there are plenty of people out there that could tell that something wasn't right. But you could certainly get some devices at a particular location like a newspaper.
[ link to this | view in chronology ]
The EC (embedded/keyboard controller) will almost certainly have onboard storage, so you could probably hide a document there (if you knew how to write code for the EC). Can't tell specifics about that part since it's blacked out by the manufacturer. The ones that my company use could be programmed to do that for sure.
The inverter is harder to understand, though. The LT3957 has no onboard storage at all; it's configured by external components only (here's the datasheet: http://cds.linear.com/docs/en/datasheet/3957f.pdf). I don't see how it could be used to conceal anything.
[ link to this | view in chronology ]
Re:
Since we're all engaging in completely wild and evidence-free speculation, I'll chime in on this...
In years past, there have been hardware-based exploits that take a chip that is innocuous -- such as the LT3957 -- and replace it with a chip that is outwardly identical, including the markings, but is actually programmable and has onboard storage. Something like this could be done here and you'd not be able to detect it on visual inspection. A really key question is what are these inverters wired to? It would have to be something that an interesting bitstream passes through.
[ link to this | view in chronology ]
Re:
According to the "non-classified" version of the data sheet, that is.
[ link to this | view in chronology ]
Re: Re:
I understand why they might want to disable any onboard storage devices. I just don't see this one as relevant. Maybe it was the rest of the circuit it was in that they were after. Would need to see the schematics to know.
[ link to this | view in chronology ]
AN ALTERNATE THEORY
The agents screwed up and stripped off the wrong part.
Why would I say that? Because if you flip the exact same board over onto the other side, about an inch and a half to the left of where the 3957 is located you see there a Macronix MX25L6406E 64Mb flash part right there. Here's a picture of the back side of the board:
http://d3nevzfk7ii3be.cloudfront.net/igi/iP1Hi4CFRwmWYjYi
It's right there outlined in blue.
So if the agents were getting instructions, say, over the phone, about how to disable this particular model's storage devices it would be possible to pull an oopsie and mistake the parts. Or maybe the instructions they had were for a different model or something and they just improvised. It makes a lot more sense to me that this could happen than why they'd need to remove a DC/DC converter/inverter from the board.
Agents are human, too.
[ link to this | view in chronology ]
Chips altered?
[ link to this | view in chronology ]
Re: Chips altered?
Either:
1. The computer would trust an additional signature for signing the UEFI. (which raises questions)
2. The modified UEFI was signed by Microsoft's signature, using signing keys provided by Microsoft either willingly or unwillingly.
3. Whoever modified the UEFI used stolen keys to sign it with Microsoft's signature.
4. The TPM chip and related hardware is compromised so that it will trust a firmware modified or signed in a certain way. Maybe it has an internal hidden key or certificate chain that it validates the modified UEFI, but doesn't show up on any list of installed signing keys it trusts.
5. Something else?
I don't know. It seems to me that if you could, on a very large scale, compromise some fifty cent part to also have flash memory and act as a secret keylogger, you would have a very powerful and secret tool. Now you just need to inspect / search / impound / seize / "destroy" the hardware to obtain this part and use some secret procedure to extract the keylogger data it contains.
[ link to this | view in chronology ]
Re: Chips altered?
That's funny. Got any more?
I've got a PC from way before Windows 8 that has its own little Linux with a full network stack and browser baked right into the BIOS. It launches automatically to connect to online "support" if no bootable drives are found.
[ link to this | view in chronology ]
Wishful thinking:
[ link to this | view in chronology ]
not made in the USA
But if they're putting these chips in every computer....
yeesh. It's a fact now. No more USA computers or phones for me.
[ link to this | view in chronology ]
Agreed, no more american made tech
[ link to this | view in chronology ]
ARM coprocessor
http://boingboing.net/2012/08/23/civilwar.html
http://www.pcmag.com/article2/0,2817,2457265,00.asp
[ link to this | view in chronology ]
Tinfoil hattery
No, I consider it much more likely that those computers were destroyed just for the sake of destroying them.
Because where the Guardian should be really looking for tampering is in the replacements it needed because of the destruction. What's its supply chain? Because you can bet that anything even remotely predictable will now have the GCHQ's fingerprints all over it.
[ link to this | view in chronology ]
Resistance
[ link to this | view in chronology ]