Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Christopher Mims

A View from Christopher Mims

US Military Chips "Compromised"

As military hardware uses more off the shelf components, it has become vulnerable to common exploits.

  • May 30, 2012

A researcher in Cambridge has issued a report claiming that a common sort of reprogrammable microchip (an FPGA, for you gearheads) contains a deliberately-obscured backdoor that would allow anyone with knowledge of it to clone or reprogram the chip. These chips are really common, and show up in everything from drones to nuclear power plants.

Iran’s Revolutionary Guards show off a captured US RQ-170 Sentinel drone

Robert David Graham of “cyber security consulting company” Errata says that these claims are overblown. It’s not that these chips don’t contain this vulnerability, he elaborates, it’s just that nearly all FPGA chips have this vulnerability.

Evan Rodgers at The Verge breaks it down:

Errata Security [argues] that these backdoors are more commonly known as debugging interfaces. Manufacturers often just physically disconnect these debugging avenues rather than design them out of chips after development as a cost saving measure. This means that these interfaces could be exploited by physically reconnecting the pins, which is a technique commonly used to hack consumer electronics. For example, hackers on the XDA-Developers forums modified the original Galaxy S and its variants to expose JTAG flashing mechanisms. Even a specific generation of the Xbox 360 was exploited this way.

So, no big deal, right? Except that the larger issue is that as military hardware incorporates more off the shelf parts, in theory, it becomes easier to hack. That’s one reason why it’s such a big deal that Iran recently got hold of an intact US drone, which they claim to be copying as well as sharing with China.

Hear more about security at EmTech MIT 2017.

Register now

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

Want more award-winning journalism? Subscribe to Insider Plus.
  • Insider Plus {! insider.prices.plus !}*

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus ad-free web experience, select discounts to partner offerings and MIT Technology Review events

    See details+

    What's Included

    Bimonthly magazine delivery and unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.