[cryptography] evidence for threat modelling -- street-sold hardware has been compromised

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue Jul 30 20:52:37 EDT 2013


Marcus Brinkmann <marcus.brinkmann at ruhr-uni-bochum.de> writes:

>If you trust anonymous leaks to the Financial Review by members of your
>favourite spying agency network, then I guess its "evidence".

More importantly, look at the dates:

  The ban was introduced in the mid-2000s after intensive laboratory testing
  of its equipment allegedly documented 'back-door' hardware and 'firmware'
  vulnerabilities in Lenovo chips.

In the mid-2000's, Lenovo PCs were still IBM Thinkpads (the sale to Lenovo
happened in 2005).  ZOMG!  IBM backdoored them, not the Chinese!  And to think
that they've always been the most patriotic of computer manufacturers (Watson
turned IBM over to the USG in both WWI and WWII).  It was all a trick!

So either the analysis found completely normal design features in IBM parts,
or it's the usual USG paranoia about the Chinese.  Yawn.  Next story about the
Yellow Peril due in six to eight weeks.  Lather, rinse, repeat.

Peter.


More information about the cryptography mailing list