Ask HN: I just gota new macbook. How can I check for NSA sabotage?

11 points by quantumpotato_ ↗ HN
Specifically, Intel chips that are known to be sabotaged, or programs I can run to search for network interference?

4 comments

[ 2.9 ms ] story [ 26.9 ms ] thread
Well, it's hard to combat an adversary whose capabilities aren't known.

They could have hardware backdoors installed that would theoretically be undetectable unless you opened your case up and physically compared each chip and integrated circuit against a known whitelist.

They could have software backdoors installed in the form of firmware or microcode. Auditing these things is also very difficult because most of the time the manufacturers do not provide much (if any) documentation.

They could have malicious peripherals installed such as usb cables with hardware keyloggers built in, in which case you'd have to physically cut open all your cables, etc.

They could have rootkits installed, though there are tools such as rkhunter and chkrootkit that attempt to discover these.

>Intel chips that are known to be sabotaged

Check your chip(s) against any known blacklists or whitelists that you might have access to

>programs I can run to search for network interference?

Depends on your level of paranoia, but a sophisticated rootkit could hide network traffic from any firewalls on your machine, so you'd need to do monitoring with a second machine using something like Ethereal (I think it's called Wireshark these days?)

Soak it in water for twenty minutes. The fake identifier stickers will fall off.
Step one, purchase a controlling stake in your own chip fabrication plant...
Microwave on high for 20-30 minutes. Season to taste.