The subject matter of the article is sound, however the execution leaves me skeptical that this isn't just hobbled together FUD for the sake of traffic/audience. The last two paragraphs sealed the deal for me.
I just hope our geeks are working just as hard as their geeks.
There's a simple solution to things like this. If you have data you'd consider top-secret, why the fuck is it on an internet-available PC. I mean if I need it stored on a PC, I'd store it on a non-networked PC and it's safe from all virus, Trojans and whatever else.
I see a lot of skepticism in the original article's comments about whether this is possible or not.
Yes, it'd be hard to hide a whole TCP/IP stack in hardware (though perhaps it could be in ROM if we're talking about CPUs), but how hard would it be to hide a simple UDP-based key logger?
Look at the hundreds of thousands of pwned machines that are part of spam botnets. Clearly, machines can be co-opted.
And we have plenty of evidence that China is involved in a (asymmetric) full-out cyberwar with us.
This article was heavy on FUD and speculation, and light on facts (expected that). The trojan (if it exists) would either have to work with the O/S, in which case it would either work in *nix or Windows, but not both; or it would talk directly to the hardware bypassing the O/S, so encrypting your data stored on your hard drive should protect it. Keyloggers are a different story though and I see where a keylogger could send data by talking directly to the hardware and bypassing the O/S. I wonder if you might get more protection from that by not using your motherboard's Ethernet interface at all and install a separate network card instead? Then the trojan would need to have its own TCP/IP stack and drivers for the NIC, and that's less likely (I hope).
4 comments
[ 3.5 ms ] story [ 16.1 ms ] threadI just hope our geeks are working just as hard as their geeks.
Yes, it'd be hard to hide a whole TCP/IP stack in hardware (though perhaps it could be in ROM if we're talking about CPUs), but how hard would it be to hide a simple UDP-based key logger?
Look at the hundreds of thousands of pwned machines that are part of spam botnets. Clearly, machines can be co-opted.
And we have plenty of evidence that China is involved in a (asymmetric) full-out cyberwar with us.