Profile picture
Joe Fitz @securelyfitz
, 12 tweets, 3 min read Read on Twitter
Hector and others have identified the component used in the bloomberg article to represent the hardware implant. I'd like to share my perspective on whether it's realistically possible:
If someone said that the implant was found inside a coupler, first I'd check component suppliers for couplers that might fit the bill. And the one displayed is pretty much the smallest one you can find with 'coupler' in the name.
A coupler is a filter - you'd normally have signals coming in & filtered signals going out the other side.
If you see a piece of alumina or ceramic and it has markings on top with a coupler's model number you'll assume that's what it is.
Perfect man-in-the-middle opportunity
But a package is a package.
It is a single component, but it is assembled out of several pieces and has 6 pins.

Think of it as an ultra small pcb that you can customize.
You could get a coupler, mill out material on the bottom, glue a piece of silicon in there, and then wire bond it to the pads of the coupler. It'd be indescernable from the top when it's soldered in place. But that's slow and manual.
If you haven't already, you should watch Shenzhen: The Silicon Valley of Hardware
While it's not security focused, it gives a really good perspective on how stuff gets built in china.
You show up at the factory with a box of silicon and say 'package this for me' and you get it back next day. Or you show up with a bag of packaged chips, and say 'unpackage this silicon, and put it in a different package' Done.
You might see a bit more why creating a tiny hardware implant isn't actually that difficult when you've got open access to all of the manufacturing techniques. You should assume small scale and top secret techniques are several steps ahead of what's available on the open market.
Now, though, the flaws in the choice.
That's not a component you'd normally find on a motherboard. Finding it would be very suspicious.
There's lots of stuff on a motherboard. many of them are much larger and easier to hide inside or in place of.
@riskybusiness cited a source that saw a white chip with 8 pins. So when you're matching up lots of sources, the coupler might sound like a good choice.
I'm pretty sure sure the implant was NOT inside that tiny coupler. There's no doubt that the images are mock-ups for the article. But I'm also pretty sure that it's in the realm of what's technically possible today.
This thread will be appended soon to the others here:
securinghardware.com/articles/hardw…
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Joe Fitz
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!