Guarding against the possible Spectre in every machine
- By Scott Shackelford
This article was first posted on The Conversation.
Security vulnerabilities in technology extend well beyond problems with software. Earlier this month, researchers revealed that the hardware at the heart of nearly every computer, smartphone, tablet and other electronic device is flawed in at least two significant ways code-named Spectre and Meltdown.
Regardless of their cause, the mere existence of these significant vulnerabilities is a symptom of a much wider problem. Too few technology companies are taking proper precautions to protect every step in their supply chains, from raw materials through manufacturing and distribution into customers’ hands. Products could be altered either in the factory or en route to a user, turning, for example, an executive’s smartphone into a handy surveillance device.
I am part of a multidisciplinary team of researchers based at Indiana University studying this thorny problem. Our work has helped highlight the simple fact that better supply chain security could both prevent and make it easier to recover from accidents -- as the chip flaws appear to be -- and deliberate meddling.
Backdoors and secret passages
It’s common knowledge that hackers can attack software by sending users virus-infected emails or compromised links. But they can also meddle with computers by altering tiny circuits in microchips most users will never see. These weaknesses are physical, and they’re just as hard to identify as mistakes in software code.
The complex supply chains involved in most technological manufacturing are very hard to secure. Apple’s iPhone, for example, involves hundreds of suppliers from around the world making chips and hard drives, all of which have to be shipped, assembled and warehoused before ever being delivered to an Apple store or your door. All of these steps introduce numerous opportunities for security problems to arise; recent research has even suggested hackers could use smartphone apps to destroy manufacturing equipment or even blow up entire factories.
While no such large-scale disaster has yet been identified, even sophisticated retailers like Amazon have been fooled by counterfeit or poorly manufactured facsimiles of real products. Some supply chain threats can be more malicious: In 2012, Microsoft warned customers that Chinese computer factories were installing malware on PCs.
Enter the ‘internet of everything’
As more and more devices -- not just computers and smartphones but thermostats and baby monitors and wristwatches and lightbulbs and even doorbells -- get connected to the internet, the growing scale of the threat from hackers can easily get lost in the excitement.
In 2009, the Department of Defense thought it had a great way to buy a lot of computing power without spending too much taxpayer money: It bought 2,200 Sony PlayStation 3 gaming consoles to use as components in a military supercomputer. But as I and others wrote in response, those systems are often manufactured abroad, making it that much more difficult to verify that they weren’t tampered with.
The Navy, at least, has learned from this mistake: The Naval Surface Warfare Center Crane Division has pioneered automated inspections, using artificial intelligence to examine digital pictures of new circuit boards to detect unauthorized alterations.
Americans are rightly concerned about intrusive alterations during the manufacturing and shipping processes -- in part because U.S. government agencies conduct them. Leaked documents have shown how the National Security Agency’s Tailored Access Operations team routinely intercepts new computer and networking equipment being shipped to specific people or organizations. Then NSA workers modify the hardware to add vulnerabilities and secret access for NSA hackers to use later, and then put the equipment back in boxes to be delivered as if nothing had happened.
Is blockchain a solution?
One new way to secure supply chains involves blockchain technology -- a secure database system stored and maintained across many computers around the internet -- to track and verify all aspects of a supply chain, even one as complicated as Apple’s.
IBM and the international shipping giant Maersk are experimenting with using blockchain systems to better secure and transparently track shipments, such as by entering information about what is being shipped from whom and from where to whom and to where, and every step along the route in between, in a blockchain database.
This type of system can handle many of the existing tasks performed by corporate databases -- with scanners monitoring items and packages at key stages, and humans adding data like delivery details. But blockchains offer at least three key advantages: security, transparency and automation.
The security comes from two features of blockchains: First, the data is stored in discrete chunks, or “blocks.” And as each block is created, it must securely link to the previous block in the database, making a “chain” of blocks and preventing anyone from modifying previously stored data. Changes can only be stored as additional data in the chain.
So, in effect, a person who took a package to the post office couldn’t go into the database file and delete the word “Processing” and type in the word “Shipped” in its place. Rather, the person would add data saying the date and time the package was dropped off at the post office. That lets everyone track the package in real time, but also keep an eye on how long each step takes and help to identify where any problems occur.
Blockchain transparency results from the fact that its data is stored in encrypted form, but is otherwise available to participants. Coupled with its security features, a blockchain supply chain database would let any entity involved in a shipment, for example, track the order’s progress with confidence that the data is accurate.
Adding value to blockchain systems is the fact that they are digital records, so they can contain software code set to perform specific functions when certain data is stored in the system. These are often called “smart contracts,” because they are unalterable instructions that can automate some processes, like issuing a payment upon delivery. This adds another layer of security, too, because the blockchain itself can keep an eye on how long each step takes for every item, and then alert human supervisors if something takes too long -- a sign of a production breakdown, or even a signal someone might be tampering with the goods.
Neither a magic bullet, nor a lost cause
No blockchain is immune to hacking -- and none of them can evade the effects of hardware vulnerabilities like Meltdown and Spectre. But it could provide a major improvement over today’s methods and practices.
There’s a long way to go yet, including training people to use blockchains and agreeing on standards for data communication, encryption and storage. And such a system would still face the problem of insider threats, though the underlying blockchain technology would make such attempts more difficult.
At present, companies and government agencies are exploring ways to ensure that items are manufactured, assembled, shipped and delivered reliably and without tampering. Continuing these efforts, and finding new ways for private companies and governments to work together and share best practices such as by developing collaborative standards, would go a long way toward building robust blockchain-based systems that can help track and secure hardware across the burgeoning internet of everything.