Iran’s Revolutionary Guards show off a captured US RQ-170 Sentinel drone
A researcher in Cambridge has issued a report claiming that a common sort of reprogrammable microchip (an FPGA, for you gearheads) contains a deliberately-obscured backdoor that would allow anyone with knowledge of it to clone or reprogram the chip. These chips are really common, and show up in everything from drones to nuclear power plants.
Robert David Graham of “cyber security consulting company” Errata says that these claims are overblown. It’s not that these chips don’t contain this vulnerability, he elaborates, it’s just that nearly all FPGA chips have this vulnerability.
Evan Rodgers at The Verge breaks it down:
Errata Security [argues] that these backdoors are more commonly known as debugging interfaces. Manufacturers often just physically disconnect these debugging avenues rather than design them out of chips after development as a cost saving measure. This means that these interfaces could be exploited by physically reconnecting the pins, which is a technique commonly used to hack consumer electronics. For example, hackers on the XDA-Developers forums modified the original Galaxy S and its variants to expose JTAG flashing mechanisms. Even a specific generation of the Xbox 360 was exploited this way.
So, no big deal, right? Except that the larger issue is that as military hardware incorporates more off the shelf parts, in theory, it becomes easier to hack. That’s one reason why it’s such a big deal that Iran recently got hold of an intact US drone, which they claim to be copying as well as sharing with China.