By Nicholas Weaver
It has now been two weeks without confirmation of Bloomberg’s reporting concerning a supply chain attack targeting SuperMicro motherboards from any news outlet. Given the alleged widespread nature, incredibly strong denials from the allegedly affected companies and multiple intelligence agencies around the world (including the NSA), and at least two previous incidents where the same reporters probably got a computer security story horribly wrong, absent independent evidence many are right to call this particular incident a false alarm. Earning less attention is a new article by the same reporters describing an implant supposedly designed for an ethernet jack. This story makes less sense to me and adding a second, more suspicious story makes me less inclined to believe the original story.
Ethernet jacks are passive components—meaning they lack a power connection to supply electricity to an implant—and, even if a power connection were added, ethernet jacks do not carry information that can be corrupted by simply changing some programming. Messing with an ethernet jack would require an entire miniature computer that fits in the jack without changing its dimensions—and one that not only computes, but includes its own Ethernet interface designed to piggyback and intercept the network. The “Phy” alone, the physical interface between a computer and the magnetics embedded in the Ethernet jack, needs a dozen pins and uses half a watt.
But the original story, even if most experts now doubt its veracity, should be a wake-up call. It is time to get serious about supply-chain security both from a technical and a policy standpoint by minimizing the number of components that are essential to security Let me explain what I mean:
Start with the technology side. Hardware manufacturers should aim to reduce the “trusted base,” the components that need to execute with integrity, to something far more manageable. Then, he goal should not be to remove China from supply chain—just to remove China from the trusted base. Manufacturers know how to design computers that don’t need to “trust” the motherboard. They should work to make that the standard design.
The trusted base for a typical server is remarkably large. The CPU (central processing unit) runs everything in the server, so its integrity is essential. But modern CPUs include tools such as Intel BootGuard that enable a computer maker to provide a key that verifies firmware. After configuring the tool, the CPU only loads firmware approved by the manufacturer—rejecting malware whether it was installed when the motherboard was assembled (such as the attack alleged in the initial Bloomberg article) or after the fact (such as those used by hackers like “Fancy Bear”).
Some devices have already taken an approach of only trusting the CPU: Apple’s iPhones (at least for the past five years) have a small amount of code built into the CPU that must be trustworthy, as it authenticates that the rest of the code on the device is correctly signed by Apple—similar to the BootGuard tool described above. It ensures that the rest of the code is free from tampering—and as long as this heart is uncorrupted, the rest of the system’s code has to prove itself to be trustworthy in order to run. In short, the brains of the iPhone doesn’t trust anything else that is not cryptographically signed.
This greatly reduces the risk of supply-chain attacks on iPhones: Sabotaging the motherboard manufacturing process becomes a futile effort because the CPU is designed not to trust the motherboard, the external memory, or anything else in the system. Adding a small sabotage chip simply does not work because the CPU would refuse to acknowledge the corrupted instructions. Put bluntly, although Apple has FoxConn assemble the iPhone, the iPhone itself is designed to distrust FoxConn.
The U.S. government should mandate that level of security on all computers it purchases (perhaps with a gradual phase-in process to limit disruption). Everything in the computer that can access the system’s memory—including the CPU, the BMC, network controllers, disk controllers, and any other chip that has an external firmware—must only accept cryptographically validated firmware. Moreover, the configuration of any cryptographic keys should be required to take place in the United States prior to delivery or during the manufacturing process of the silicon chips themselves, not during the assembly of the motherboard. Doing so would remove the motherboard-assembly process from the trusted base. I do not know of any commercially available server that meets such requirements today, but it is reasonable to build such systems—especially if the government demands them.
Beyond that, there needs to be a general repatriation of manufacturing the trusted-base components of servers for U.S. government and other sensitive systems. Chinese companies, or those companies controlled by China or Chinese interests, should simply be forbidden. No matter if it is Lenovo computers, ZTE routers, or Hikvision security cameras, products that do not meet this standard should simply not be purchased by the U.S. government nor installed in other critical sectors.
Government-purchased computers should be treated similarly. Any component that can write to the computer’s memory and any component that needs a device driver installed by the operating system is effectively trusted and should never be sourced from a Chinese company for a government system. This is because the device drivers are also trusted code, as well as the device firmware. This still enables Chinese assembly, passives (resistors, capacitors, sockets, etc), and a large number of critical chips that need not be trusted. (Perhaps we should also make sure our systems are free of Russian and Israeli trusted-base components too.).
The U.S. government, by creating purchasing requirements that mandate such security, can use its market power to create and support a market for higher assurance computers that will not only benefit the government but potentially anybody in need of systems designed to resist supply chain attacks. It may take legislation, it may be accomplished by executive order, but it needs to be done.
Bloomberg’s reporters may have badly mangled these stories. But we need to take the supply-chain threat itself seriously. After all, if I was in Chinese intelligence, I would be thinking: “Well, we’re doing the time. We might as well do the crime.”
No comments:
Post a Comment