Description: Electronic devices such as mobile phones, laptops, music players have become an integral part of our daily life. Do we ever consider the possibility that these could be used to compromise our privacy and leak our deepest digital secrets? In this Defcon 16 talk titled "Demonstration of Hardware Trojans" University of Delaware professor Fouad Kaimilev and his graduate student Ryan Hoover demonstrate the triviality of building hardware trojans into devices during the design and fabrication process. These modifications can be cleverly done without changing the overall functionality of the device, thus making them virtually undetectable. In this talk they demonstrate 3 techniques a hardware trojan can use to leak information - thermal, optical and radio. Also, these trojans are activated only when a certain sequence of input is sent to the device, thus making them inert for most of the time.
This is a serious problem as most of the hardware for consumer electronics at least is imported from other countries. The only probably to secure the situation would be to have very strict security and quality checks during the design, fabrication and production steps. However, given the sheer number of such common devices out there and factoring this by the complexity of individual chips within it, this is probably practically impossible to enact in real life.
Overall, its a great talk. Good to see academia finally doing some interesting research. I am posting 2 videos - the first is a short one consisting of the demo of the trojan hardware in the lab, the second is the actual Defcon talk. The slides for the talk are available here.
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.