Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Iran’s Revolutionary Guards show off a captured US RQ-170 Sentinel drone

A researcher in Cambridge has issued a report claiming that a common sort of reprogrammable microchip (an FPGA, for you gearheads) contains a deliberately-obscured backdoor that would allow anyone with knowledge of it to clone or reprogram the chip. These chips are really common, and show up in everything from drones to nuclear power plants.

Robert David Graham of “cyber security consulting company” Errata says that these claims are overblown. It’s not that these chips don’t contain this vulnerability, he elaborates, it’s just that nearly all FPGA chips have this vulnerability.

Evan Rodgers at The Verge breaks it down:

Errata Security [argues] that these backdoors are more commonly known as debugging interfaces. Manufacturers often just physically disconnect these debugging avenues rather than design them out of chips after development as a cost saving measure. This means that these interfaces could be exploited by physically reconnecting the pins, which is a technique commonly used to hack consumer electronics. For example, hackers on the XDA-Developers forums modified the original Galaxy S and its variants to expose JTAG flashing mechanisms. Even a specific generation of the Xbox 360 was exploited this way.

So, no big deal, right? Except that the larger issue is that as military hardware incorporates more off the shelf parts, in theory, it becomes easier to hack. That’s one reason why it’s such a big deal that Iran recently got hold of an intact US drone, which they claim to be copying as well as sharing with China.

3 comments. Share your thoughts »

Tagged: security, military, drones, uav, backdoor

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me