Backdoors are for houses, not security: Page 2 of 2

July 26, 2019 //By William G. Wong
Backdoors
Attorney General Barr is only the latest to suggest that a “safe” backdoor should be added to products. That’s a very, very bad idea.

Good security is built on layers that have been tested and designed to work together. The latest systems are designed from the ground up for security, starting with private encryption keys that never exist outside of the chip. Secure boot is simply the next step of the process. All of this security, hardware, and protocols are designed to prevent specific types of attacks. There are many ways to attack a system, and it only takes one success to cause major headaches.

There are ways to provide hierarchical security within many systems, but that’s by design. Backdoors bypass this design. It will be even worse if a backdoor gets added after the fact.

Another problem with backdoor security is that those who feel secure because of the primary security system have been deluded. The premise for a backdoor is that the “good guys” can do things the “bad guys” will not know about. Unfortunately, that’s often not the case—the backdoor can be used for nefarious reasons regardless of who is controlling the backdoor. Gaining access by compromising a backdoor system or attacking a poorly designed one results in a system that’s not only hacked, but the security layers designed to isolate other attacks are completely bypassed.

The bottom line is that backdoors should not be included in any system, and everyone should understand why. There’s no secret sauce that will make a backdoor safe. Don’t let anyone try to convince you otherwise.

This article first appeared in Electronic Design - www.electronicdesign.com

Related articles:

Analysis tool reads through chips’ architectures

Researchers unlock microphones to inaudible audio

Microsemi tackles FPGA security worries

Easily-tricked MEMS are security threat, says university

 


Vous êtes certain ?

Si vous désactivez les cookies, vous ne pouvez plus naviguer sur le site.

Vous allez être rediriger vers Google.