Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not a subscriber? Subscribe now for unlimited access to online articles.

Christopher Mims

A View from Christopher Mims

US Military Chips "Compromised"

As military hardware uses more off the shelf components, it has become vulnerable to common exploits.

  • May 30, 2012

A researcher in Cambridge has issued a report claiming that a common sort of reprogrammable microchip (an FPGA, for you gearheads) contains a deliberately-obscured backdoor that would allow anyone with knowledge of it to clone or reprogram the chip. These chips are really common, and show up in everything from drones to nuclear power plants.

Iran’s Revolutionary Guards show off a captured US RQ-170 Sentinel drone

Robert David Graham of “cyber security consulting company” Errata says that these claims are overblown. It’s not that these chips don’t contain this vulnerability, he elaborates, it’s just that nearly all FPGA chips have this vulnerability.

Evan Rodgers at The Verge breaks it down:

Errata Security [argues] that these backdoors are more commonly known as debugging interfaces. Manufacturers often just physically disconnect these debugging avenues rather than design them out of chips after development as a cost saving measure. This means that these interfaces could be exploited by physically reconnecting the pins, which is a technique commonly used to hack consumer electronics. For example, hackers on the XDA-Developers forums modified the original Galaxy S and its variants to expose JTAG flashing mechanisms. Even a specific generation of the Xbox 360 was exploited this way.

So, no big deal, right? Except that the larger issue is that as military hardware incorporates more off the shelf parts, in theory, it becomes easier to hack. That’s one reason why it’s such a big deal that Iran recently got hold of an intact US drone, which they claim to be copying as well as sharing with China.

Keep up with the latest in Security at Business of Blockchain 2019.

May 2, 2019
Cambridge, MA

Register now
Want more award-winning journalism? Subscribe to Print + All Access Digital.
  • Print + All Access Digital {! insider.prices.print_digital !}*

    {! insider.display.menuOptionsLabel !}

    The best of MIT Technology Review in print and online, plus unlimited access to our online archive, an ad-free web experience, discounts to MIT Technology Review events, and The Download delivered to your email in-box each weekday.

    See details+

    12-month subscription

    Unlimited access to all our daily online news and feature stories

    6 bi-monthly issues of print + digital magazine

    10% discount to MIT Technology Review events

    Access to entire PDF magazine archive dating back to 1899

    Ad-free website experience

    The Download: newsletter delivered daily

/3
You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.