Hi so I missed a very interesting discussion.
You should announce it in advance that you will talk about the conscription theories associated with intels ME and USB debug feature.
Having a serious HW troyan will always involve additional HW as leaking side channels are interesting generated by variations of process but one would need a receiving device to get the data from a side channel.
Intel ME has a nic and a switch in the phy to leak out data.
So it could also leak out non ethernet data provided the stream is manchester or similar coded to make it over the magnetics of the nic the ME lives in (early version) or has control over.
So an attacker will need a transmit (leak out) and receive (what to leak over a limited bandwith) channel.
How to implement both by only
On Monday, April 15, 2019, Christoph Maier <christoph.maier@ieee.org> wrote:
> On Sun, Apr 14, 2019 at 9:17 PM Éger Ferenc <eegerferenc@gmail.com> wrote:
>>
>> Hello List,
>>
>> On the Mumble session of today, we began to deal with a new topic: as one of our aims is to make semiconductor manufacturing transparent, our products may end up in critical systems (infrastructure, government, important NGOs, ...). Therefore the security, trustworthiness and traceability of our devices is important. The topic grown out of a thread on our Matrix room, that I copy below to give some context:
>
> Sorry that I didn't join this Mumble session. I was brainstorming how
> to successfully apply for an infosec researcher position to be able to
> do some disruptive innovation for which
> 1. your bespoke, large feature size IC process may be crucial,
> and
> 2. a lot of the security protocols and procedures you describe may be
> unnecessary.
>
> We apologize for the inconvenience
> tatzelbrumm
> _______________________________________________
> Libre-silicon-devel mailing list
> Libre-silicon-devel@list.libresilicon.com
> http://list.libresilicon.com/mailman/listinfo/libre-silicon-devel
>
--
Send from mobile phone with autocorrection / autofill. Blame my phone for typos.