Hector and others have identified the component used in the bloomberg article to represent the hardware implant. I'd like to share my perspective on whether it's realistically possible:
If someone said that the implant was found inside a coupler, first I'd check component suppliers for couplers that might fit the bill. And the one displayed is pretty much the smallest one you can find with 'coupler' in the name.
A coupler is a filter - you'd normally have signals coming in & filtered signals going out the other side.
If you see a piece of alumina or ceramic and it has markings on top with a coupler's model number you'll assume that's what it is.
Perfect man-in-the-middle opportunity
If you see a piece of alumina or ceramic and it has markings on top with a coupler's model number you'll assume that's what it is.
Perfect man-in-the-middle opportunity
But a package is a package.
It is a single component, but it is assembled out of several pieces and has 6 pins.
Think of it as an ultra small pcb that you can customize.
It is a single component, but it is assembled out of several pieces and has 6 pins.
Think of it as an ultra small pcb that you can customize.
You could get a coupler, mill out material on the bottom, glue a piece of silicon in there, and then wire bond it to the pads of the coupler. It'd be indescernable from the top when it's soldered in place. But that's slow and manual.
If you haven't already, you should watch Shenzhen: The Silicon Valley of Hardware
While it's not security focused, it gives a really good perspective on how stuff gets built in china.
While it's not security focused, it gives a really good perspective on how stuff gets built in china.
You show up at the factory with a box of silicon and say 'package this for me' and you get it back next day. Or you show up with a bag of packaged chips, and say 'unpackage this silicon, and put it in a different package' Done.
You might see a bit more why creating a tiny hardware implant isn't actually that difficult when you've got open access to all of the manufacturing techniques. You should assume small scale and top secret techniques are several steps ahead of what's available on the open market.
Now, though, the flaws in the choice.
That's not a component you'd normally find on a motherboard. Finding it would be very suspicious.
There's lots of stuff on a motherboard. many of them are much larger and easier to hide inside or in place of.
That's not a component you'd normally find on a motherboard. Finding it would be very suspicious.
There's lots of stuff on a motherboard. many of them are much larger and easier to hide inside or in place of.
@riskybusiness cited a source that saw a white chip with 8 pins. So when you're matching up lots of sources, the coupler might sound like a good choice.
I'm pretty sure sure the implant was NOT inside that tiny coupler. There's no doubt that the images are mock-ups for the article. But I'm also pretty sure that it's in the realm of what's technically possible today.
This thread will be appended soon to the others here:
securinghardware.com/articles/hardw…
securinghardware.com/articles/hardw…
