undefined | Better HN

0 pointsmschuster918y ago0 comments

Somewhere you have to externalize trust. What use is the open HDL code for a chip if you cannot be sure someone down in the manufacturing chain hasn't... modified it?

Certainly this kind of attack is not your average script kiddy but nation-level instead, but I wouldn't put it past the NSA to pull this off.

0 comments

BrainInAJar8y ago

Correct, you do need to externalize trust somewhere, but the Richard Stallman level of "chips are ok but firmware is not" is not the correct place for it.

SkyMarshal8y ago

If only we could checksum the commercial hardware and compare it to a reference implementation checksum.

j / k navigate · click thread line to collapse