Last October, Bloomberg published a blockbuster story claiming that some of the largest tech companies in the world, as well as sensitive US government and military systems, had been attacked through minute hardware implants that had been inserted at a subcontractor facility during the manufacture of servers from the world's leading server company, Supermicro.
The story immediately drew forceful — and unprecedentedly detailed rebuttals — from many of the companies involved, creating a mystery that is still being debated: if Bloomberg sourced its story as carefully as it claimed, then how to explain all these detailed rebuttals? And if the rebuttals are to believed, then how to explain the dozens of people from different companies and agencies who would have had to collude to trick Bloomberg's reporters into publishing the story?
Bunnie presented a 45 minute talk on supply-chain attacks earlier this month at Microsoft's Blue Hat conference in Tel Aviv (he pitched the talk before the Bloomberg story broke, but the timing was indeed fortuitous).
I appreciate that 45-minute blocks of time are few and far between for most of us, but this is 45 minutes well spent. Huang walks through several techniques for sabotaging and compromising hardware, and uses his deep expertise in arranging and overseeing electronics manufacture to describe how you could pull these off in the real world, and what difficulties you'd encounter. In all the discussions of the supply chain hack story, I have never seen anything this comprehensive and nuts-and-bolts about what a supply chain hack actually looks like.
It's a fascinating ride: part spycraft, part chewy logistics, part infosec, and Huang has plenty of "ooh" moments, to say nothing of laugh-lines.
In the end, Huang pronounces judgment on the Bloomberg story, declaring that it fails to pass Occam's Razor for several reasons — not least that Bloomberg describes these cunning and fiendish implants that are still recognizable as implants, and as Huang demonstrates, there's no reason for implants to be distinguishable from normal electronic component.
Having set out many ways in which hardware can be compromised (and usually not for spying, but for economic gain — that is, to slide counterfeit or recycled parts into the supply-chain), Huang does not describe what kinds of countermeasures might reliably detect these shenanigans — but he does dangle the possibility that he'll address this in future talks or writing.
The main insight is that transparency or openness of design by itself does little to secure a supply chain, because the entire situation is one huge TOCTOU problem. Checking hardware design files, locking down the assembly line, and Fedexing the product to your office is like hashing and signing your source code, running it through a trusted compiler, and then sending the binary unencrypted over the Internet and trusting it because it was "thoroughly checked".
The inverse analysis is equally daunting: in software, one may copy each binary into RAM, hash and check its cryptographic signature, and run it only if it checks out. For hardware, there is no equivalent of "hash this instance of hardware and check its cryptographic signature" before use: "hashing" hardware involves taking it apart and inspecting every transistor and wire, which is both impractical and likely to render the hardware non-functional.
Thus while open source hardware does engender some benefits for security (such as disclosing μ-state for Spectre side-channel analysis and ensuring no backdoors due to design oversight), it addresses a separate problem domain from supply chain attacks. While an open source hardware phone is arguably more trustable than a closed source one, open source is necessary but not sufficient for it to be trusted.
Supply Chain Security Talk [Bunnie Huang]