Why Spectre and Meltdown are likely "state-allowed" backdoors

Nearly all think that Meltdown and Spectre were just errors by the CPU industry derived from their prioritizing performance over security, and that surely is the main "technical" reason.

Many forget that Bruce Schneier said back in 2014 that, after what we learned with Snowden, "we should assume all mainstream CPUs to be compromised" (minute 32 of https://youtu.be/rJRsanm-ODI).

In another instance, he said: "I assume that all big companies are now in cahoots with the NSA, cannot be trusted, are lying to us constantly. You cannot trust any company that makes any claims of the security of their products. Not one cloud provider, not one software provider, not one hardware manufacturer.”

There are reasons to believe that Spectre and Meltdown vulnerabilities were not just discovered 6 months ago but they were known for a long time - by one or more CPU makes and governments - who deliberately inserted or discovered and left them there to allow government (more or less) lawful access.

This is the same exact thing as "inserting" a backdoor. No difference at all. Actually, it is the best and sleekest way to place a backdoor because you have near perfect deniability by all parties involved. In fact, the discovery of this bugs translates in a temporary decline in the stock prices and more orders for Spectre-proof chips from the same vendors, which may be required to enterprise and governments for compliance to GDPR or other rules.

Just very few need to be in the know. For example CPU making executive or senior R&D staff just have to make some architectural choices rather than other ones - or close an eye on a critical bug - and then slip out a word to high-level gov agencies.

Nothing we can do about it?

No, we can remove all unverified upfront trust not only in CPU makers, but in all critical components makers, designs and fabrication processes, and even in standards-setting - and allow an extremely safeguarded offline process to allow legitimate lawful access - as we are doing at TRUSTLESS.AI and the Trustless Computing Association.

EDITED TO ADD 1/11/2018: Our Trustless Computing Paradigms, on page 8 of our Whitepaper Summary (on our site) include since 2015 this assumption, baked into all our techs, governance and supply chain:

D. MEASURE: assumes that xtremely skilled attackers are willing to devote even tens of millions of dollars to compromise the lifecycle or supply chain through legal and illegal subversion of all kinds, including economic pressures; and many tens of thousands to compromise of the individual end-user.

 

 

 

 

Rufo Guerreschi

I am a lifetime activist, entrepreneur, and researcher in the area of digital civil rights and leading-edge IT security and privacy – living between Zurich and Rome.