The Interbase Backdoor and the Need for Open Hardware

1 point

9 years ago

What would happen if most hardware manufacturers would open their hardware and reveal their inner workings today? We're running our uber-secure systems mainly on completely untrustworthy platforms. No matter the level of encryption used, strong passwords, encrypted backups, etc. Although effective against normal malware writers, they can be useless if a powerful enough entity can force the hardware manufacturer to stick surveillance code into any piece of hardware so that data is read and relayed elsewhere even before it gets encrypted. A strong argument should therefore be built to support the push for more open hardware and the best example I could provide to support that, although coming from software and being an old and nearly forgotten story, will hopefully work in that direction: the Interbase backdoor.

Added in 1994, went unnoticed for about seven years but was discovered only a few months after Borland open sourced the database engine in July 2000. https://www.schneier.com/essays/archives/2001/03/back_door_security_t.html

Back to hardware, more recently some Smart TVs manufacturers were caught with their pants off while spying users watch lists and behaviour using their smart TVs. http://www.wcpo.com/money/consumer/dont-waste-your-money/some-samsung-lg-and-vizio-tvs-now-spy-on-you

And in some cases is even worse than that as devices don't just analyze viewing habits... http://www.geek.com/apps/samsung-reminds-smart-tv-owners-their-personal-conversations-may-be-recorded-1647353/

The risk of getting into an era where every device powerful enough to contain a backdoor will have one is very real; to me the only solution is to push very strongly for Open Hardware while educating users about its importance.