My potential adversary is a totalitarian regime with OEM under their control, and possible physical confiscation of my devices. What are the steps I should take to mitigate the existence of hardware backdoor (e.g., malicious chip planted in in the manufacturing process of my keyboard)? All I can think of:
(1) get my devices from vendors further away from regime’s sphere of influence,
(2) Use 2FA in a separate device, everywhere.
Anything else? I realize that if hardware backdoor were to exist in my device, whole drive encryption would be futile. A quick look at the topic looks pretty scary already.
I notice hardware backdoor is seldom mentioned in privacyguides. Or is there a section / discussion somewhere already devoted to it?
Thank you very much.
I’m not sure I follow; just to clarify, do you mean a nationstate is acting between you and your devices or a business?
I’m been thinking about this myself lately and have already started to take steps. I plan to build a new computer with the RISC-V SoC archetecture, likewise I’ll select an open-source GPU, I’ll shield the case from displaying possible RF signals, install linux, and audit each component as it comes. Like for instance, verifying the bios on the motherboard before installing everything.
Is that what you was getting at?
It’s because, most people concerned with it, are paranoid and not worth the resources required to actually pull off an exploit like that. We see a lot of “crazy folk” who think they are for some reason “important”. No, you’re probably not the next Edward Snowden, is what it often boils down to. Notice that Snowden didn’t hang around inside of the US after he made revealed his documents?
Secondly, there isn’t a whole lot of options in regard to this, unless you’re willing to settle for extremely old (10yo old laptops) or expensive hardware.
If you were someone that is a specific target of nation state’s intelligence services, simply using “different hardware” won’t be sufficient anyway. They will have the time to dedicate to old fashioned methods such as secret cameras, recording devices, or people photographing you.
Simply put, it’s difficult to evade such an adversary for long periods of time and requires quite a bit of other tradecraft to do so.
Im thinking it is like sone ceetain phones where there are probably built in backdoors.
Devices made outside your home country would be desirable for this purpose. For a non-targeted individual, you may want to have a device version that is sold specifically outside your country.
The problem is that you would appear somehow unique and potentially be easier to trace if your device has somehow broadcasted its foreign device ID. You would stand out from the crowd.
If you intend to use such a device keep it off the internet and consider removing/modding the WiFi/Bluetooth/NFC and maybe the cellular baseband itself so that it is permanent off. If you are willing to go that far, it may not be significantly different to go for a similarly modified local phone.
If you are worried for hardware interception and subsequent modification, that will likely not be used against average persons because infrastructure has already been created to surveil and this level of surveillance is costly and you risk losing it to the hands of your enemy.
You may want to use a simple and well known and well documented PCB, such as the Raspberry Pis for your paranoid pursoses.
Also, why use hardware backdoors when software backdoors on the server side is already there.
Thank you! The amount of people that think that they’re the main character and come up with all kinds of theories is insane, I see this everywhere.
You guys act like the FBI wasn’t putting parents who spoke at school board meetings in the terrorist watch list.
It’s laughable when people think that they’re so safe, secure and anonymous that the alphabet boys will need to result to hardware backdoors because of them. Unbelievable.
From wikipedia page I shared:
// two mobile phones… were found to carry a backdoor to instantly gain root access via a password that had been hard-coded into the software //
Police in Xinjiang at checkpoints scan phones of ordinary citizens. Lesson: if my (or perhaps your) state one day decides to do so, I (together with numerous ordinary citizens) will be targeted despite I am far from being Snowden.
Not as thoroughly as you do. I have been accessing how real the danger is, and whether it is wise to save money getting hardware manufactured within the border of totalitarian regime.
(Sorry I previously replied to the wrong message)
Everyone has the right to be paranoid these days. The persecution of political dissent is not even veiled anymore even in western “democracies” (let alone OP, who seems to be in China).
But not everyone has the technological knowledge to understand how it affects them and how to be safe.
So that condescending obnoxious attitude is not helpful.
Correct me if I’m wrong but there’s no such thing as real open hardware, you have to trust the manufacturer. There’s no way around that as far as I know.
Also, if there were real backdoors baked into the hardware there’s no need for exploits and 0days. And to my knowledge even the biggest scandals like pegasus were based on software exploits.
Technically, there are some hardware that is fully free, in the sense that the firmware is fully open source, but they are pretty old or is on RISC-V such as the Talos and are a bit pricy.
@anon28734771 please be reminded that not everyone lives in a free and western democracy like you do.
That’s why Apple has different software and restrictions, such as not providing E2EE in China. If they want to spy on you or get you, they will do it trough software. Hardware backdoors are conspiracy bs and nothing more unless there is proof or evidence.
Pixel device with Graphene OS and somewhat acceptable OPSec is all you need unless you’re a high target or someone important. Which face it, only few people are. Even Edward Snowden uses GrapheneOS and QubesOS on his hardware, and I doubt that he is checking for hardware backdoors or smth. He lives in Russia too.
Conspiracies have no limit, there are people who think that Google tracks people on a hardware level trough Tensor and send that data over satellites.
The thing with hardware backdoors, is that I can’t imagine them working without some aid from software. So, changing the OS to some no-standard reliable open-source alternative has a high chance of closing those doors.
Note that “hard-coded in the software” doesn’t mean a hardware backdoor. Flashing a custom ROM into those phones would solve that problem, for example.
A note on discourse:
A discussion apart from the ego can be likened to a multitude of minds in unison, a group think, or a interconnected neuro-net. The less we argue, the better.
A note on a privacy beleif:
The days of single suspects and the rest of the fish get through the net for 3 letter agencies is gone thanks to AI. Obama versions of RX-84 and NSA’s monitoring of the internet means that you will be automatically placed in a group for certain things done on devices - being on this forum is one such thing.
Let’s try to stay in topic.
Are hardware backdoors technically possible? Yes.
Are they widespread? Probably not, we do not have much evidence of that without physically tampering a device.
How likely is they will occur comparing to other software exploits? Probably not so much because it’s way simpler to hack you remotely with some exploit or 0day or using some other traditional methods.
Totalitarian regimes don’t need them to spy and track you, they already can.
One of the most reasonable replies.
Having a realistic threat model is important too. Are you important enough that a team of 10 agents has been assigned to watch you pick your nose and scratch your butt? Probably not.
Also quite costly, and quite rare. These sorts of things are worth millions of dollars each.
To be honest, even if a nation state has an access to hardware back door, they won’t spend this precious thing for each target. There are easier and cheaper ways like Pegasus. Hardware backdoors exist but they are generally intended to penetrate intelligence and military agencies infrastructure, not for opposition or sth like that.