Forums

Original Equipment Needs To Shut Down Or Alert If the Circuitry Is Altered In Any Way

Started by Bret Cahill October 17, 2019
Temperature might be one way of doing it.  Any subsequent history of soldering would flag a problem.

Board watching cameras might be the easiest cheapest way to preserve the integrity of a device.

https://www.wired.com/story/plant-spy-chips-hardware-supermicro-cheap-proof-of-concept/

On Thu, 17 Oct 2019 09:20:36 -0700, Bret Cahill wrote:

> Temperature might be one way of doing it. Any subsequent history of > soldering would flag a problem. > > Board watching cameras might be the easiest cheapest way to preserve the > integrity of a device. > > https://www.wired.com/story/plant-spy-chips-hardware-supermicro-cheap-
proof-of-concept/ I read the other day you can take a "signature" of any given board for just such purposes with this particular device. It only takes a few seconds to run the check and one single component change on a board of several hundred components will flag up a different signature. It's kind of like an analogue version of the software integrity tests such as the histogram and bit parity check. I just wish I could remember who makes it and what it's called; should have made a note at the time I guess. -- This message may be freely reproduced without limit or charge only via the Usenet protocol. Reproduction in whole or part through other protocols, whether for profit or not, is conditional upon a charge of GBP10.00 per reproduction. Publication in this manner via non-Usenet protocols constitutes acceptance of this condition.
> > Temperature might be one way of doing it. Any subsequent history of > > soldering would flag a problem. > > > > Board watching cameras might be the easiest cheapest way to preserve the > > integrity of a device. > > > > https://www.wired.com/story/plant-spy-chips-hardware-supermicro-cheap- > proof-of-concept/ > > I read the other day you can take a "signature" of any given board for > just such purposes with this particular device. It only takes a few > seconds to run the check and one single component change on a board of > several hundred components will flag up a different signature. It's kind > of like an analogue version of the software integrity tests such as the > histogram and bit parity check. > I just wish I could remember who makes it and what it's called; should > have made a note at the time I guess.
There may be some way to do that online.
On Thu, 17 Oct 2019 14:45:52 -0700 (PDT), Bret Cahill
<bretcahill@aol.com> wrote:

>> > Temperature might be one way of doing it. Any subsequent history of >> > soldering would flag a problem. >> > >> > Board watching cameras might be the easiest cheapest way to preserve the >> > integrity of a device. >> > >> > https://www.wired.com/story/plant-spy-chips-hardware-supermicro-cheap- >> proof-of-concept/ >> >> I read the other day you can take a "signature" of any given board for >> just such purposes with this particular device. It only takes a few >> seconds to run the check and one single component change on a board of >> several hundred components will flag up a different signature. It's kind >> of like an analogue version of the software integrity tests such as the >> histogram and bit parity check. >> I just wish I could remember who makes it and what it's called; should >> have made a note at the time I guess. > >There may be some way to do that online. >
We were doing this since WW2. https://en.wikipedia.org/wiki/Tempest_(codename)
Testing for 'altered in any way' will catch cosmic ray tracks, temperature/pressure changes,
and half a thousand other irrelevancies.   It will likely miss a bugging device that is powered by
beamed microwaves.   

What CAN work, is a standard, generic hardware base with a firmware  personality; a multiplicity
of signatures can be applied to the firmware, and a one-time-buy of hardware can be
carefully scrutinized.   Even so, I've seen systems where it was ALL working, but (because
of a failing hard drive) some timings were WAY off; the hard drive wasn't going to admit
failure until it couldn't succeed-after-retry.   The problem of hidden firmware (like inside that
traitorous hard drive) has become endemic, in modern devices.

They're too smart.
> Testing for 'altered in any way' will catch cosmic ray tracks, temperature/pressure changes, > and half a thousand other irrelevancies. It will likely miss a bugging device that is powered by > beamed microwaves. > > What CAN work, is a standard, generic hardware base with a firmware personality; a multiplicity > of signatures can be applied to the firmware, and a one-time-buy of hardware can be > carefully scrutinized. Even so, I've seen systems where it was ALL working, but (because > of a failing hard drive) some timings were WAY off; the hard drive wasn't going to admit > failure until it couldn't succeed-after-retry. The problem of hidden firmware (like inside that > traitorous hard drive) has become endemic, in modern devices.
At least force them to go into the hard drive. Have a way to disconnect components and check the rest on the device.
> They're too smart.
A lot of people still cling to this notion of privacy which never really made sense in the first place. The 4th Amend. was never about privacy. It's about police planting evidence for a set up. The ACLU trivializes the 4th knowing lying its about privacy. Every revelation seems to be on the side of less privacy than thought. When was the last time you heard a story about users having "even more privacy than they expected?" You'd think they'd figger out privacy doesn't exist today. This doesn't even need to include Equifax using passwords like "admin." The feds just arrested a neo nazi planning a race war. Such arrests indicate the lack of privacy is worth the benefits. Demonetization, at least down to some limited size cash transactions, say, $10,000, would be OK. If your hooker or drug dealer wants more than $10K in cash you move to another country. Reduce the max bill size from $500 to $50 so that bribing politicians and media requires comically enormous totes. Nevertheless an honest law abiding person with highly motivated political enemies might be spending some time thinking about getting set up and falsely arrested. As long as the government is forced to explain everything to a jury it may work out for most people and society generally. Bret Cahill
A High-Tech Solution for Rooting Out Counterfeit Goods

Mobile optical scanners can check the authenticity of an object with
unprecedented speed

https://blogs.scientificamerican.com/observations/a-high-tech-solution-for-rooting-out-counterfeit-goods/
> A High-Tech Solution for Rooting Out Counterfeit Goods
> Mobile optical scanners can check the authenticity of an object with > unprecedented speed
> https://blogs.scientificamerican.com/observations/a-high-tech-solution-for-rooting-out-counterfeit-goods/
Most counterfeiters are inherently lazy so you don't expect them to do a good job. Decades ago Dad showed up for doubles and asked if anyone liked his new Prince. One opponent walks up to the net demanding a better look at the racquet and immediately announces, "that ain't no Prince." I compared the 3 ball logo later and they didn't even get the Prince logo right. A few years ago I received some designer pen supposedly worth $100 or more. I checked it out on line and that was a sloppy counterfeit as well. This didn't require any HD signal processing. Optical, one of the earlier suggestions, may be a way to force them to actually replace a chip with something that looks and does the same and, of course, a bit more. Bret Cahill When Rembrandt discovered his students were making more money selling fake Rembrandts than Rembrandt originals Rembrandt inquired if he could start painting fake Rembrandts. -- Joseph Heller _Picture This_