Christopher Mims

A View from Christopher Mims

US Military Chips "Compromised"

As military hardware uses more off the shelf components, it has become vulnerable to common exploits.

  • May 30, 2012

A researcher in Cambridge has issued a report claiming that a common sort of reprogrammable microchip (an FPGA, for you gearheads) contains a deliberately-obscured backdoor that would allow anyone with knowledge of it to clone or reprogram the chip. These chips are really common, and show up in everything from drones to nuclear power plants.

Iran’s Revolutionary Guards show off a captured US RQ-170 Sentinel drone

Robert David Graham of “cyber security consulting company” Errata says that these claims are overblown. It’s not that these chips don’t contain this vulnerability, he elaborates, it’s just that nearly all FPGA chips have this vulnerability.

Evan Rodgers at The Verge breaks it down:

Errata Security [argues] that these backdoors are more commonly known as debugging interfaces. Manufacturers often just physically disconnect these debugging avenues rather than design them out of chips after development as a cost saving measure. This means that these interfaces could be exploited by physically reconnecting the pins, which is a technique commonly used to hack consumer electronics. For example, hackers on the XDA-Developers forums modified the original Galaxy S and its variants to expose JTAG flashing mechanisms. Even a specific generation of the Xbox 360 was exploited this way.

So, no big deal, right? Except that the larger issue is that as military hardware incorporates more off the shelf parts, in theory, it becomes easier to hack. That’s one reason why it’s such a big deal that Iran recently got hold of an intact US drone, which they claim to be copying as well as sharing with China.

Tech Obsessive?
Become an Insider to get the story behind the story — and before anyone else.

Subscribe today

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

Want more award-winning journalism? Subscribe to Insider Basic.
  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning magazine and daily delivery of The Download, our newsletter of what’s important in technology and innovation.

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.