Intel Special Team

Researchers at iSTARE have to act like professional hackers, finding microprocessors’ vulnerabilities before they go into production.

The other group of Intel, Intel, Covering you 1

“Evil Maid” attacks have become a complex cybersecurity problem for hardware manufacturers. When bad guys install malware directly on a user’s laptop, they gain access to that device and are difficult to detect. Of course, a leading chip manufacturing company in the world like Intel will be very interested in this issue.

Five years ago, Intel formed a special hardware hacking group, called the Security Threat Analysis and Reverse Engineering (iSTARE) Division. In which, about 20 experts of iSTARE are working in special laboratories in Haifa city (Israel) and the US.

Here, they analyze and find ways to “attack” future generations of Intel chips. From there, the team will find the processor’s security weaknesses and fix them before they are released to the market.

“Users do not always understand all security-related issues and perceive attacks as not dangerous. However, we need to think proactively. The sooner you stop all of this, the lower the risk,” said Steve Brown, Chief Engineer of Security and Product Assurance at Intel.

The task is not easy

When hackers exploit vulnerabilities to steal data or install malware, they often take advantage of flaws in the software or mistakes in the way they are programmed. In contrast, hardware hackers rely on physical actions to steal data or manipulate from the inside.

To find the hardware flaw, iSTARE researchers will solder new circuits on the motherboard, deliver special electromagnetic pulses to change the direction of current flowing through the processor, and measure certain physical characteristics. physical. Then, information leaks or vulnerabilities can be detected through abnormal heat or vibration of the hardware.

The other group takes care of Intel, Intel, and you 2

Experts at iSTARE have to use a variety of methods to find hardware vulnerabilities. Photo: Wired.

When it comes to the schematics and early prototypes of new Intel chips, iSTARE proactively finds and blocks all vulnerabilities that could be exploited and used by bad actors.

“We are basically hackers, figuring out what they want in an attack. It’s not just our job to find security holes, it’s our responsibility to develop the next generation of defenses to maintain the best security. We fix things before they hit the market,” said Uri Bear, iSTARE Team Manager.

“Ruining things is a joy sometimes” – Mr. Uri Bear, Team Manager iSTARE

In addition, software also plays a certain role in hardware attacks. For example, the famous “Rowhammer” attacks are physically based but use small software programs repeatedly to cause power leaks in the computer’s memory. This glitch will physically alter the data in such a way that hackers can gain more access to the system.

“Ruining things is sometimes a joy. We find ways to use encrypted or undesigned hardware and try to come up with new uses. Without hackers, everything would just be good enough and slowly become stale. Hackers are challenging current technology and forcing designers to make things better.”

However, the reverse operation of the finished products is the most efficient process. The main purpose of this is to probe the chip’s weakness under the same conditions that a hacker would. When inverted, experts will use tools such as electron microscopes to see the inner workings of the processor.

Of course, the iSTARE team has access to top-of-the-line analytical equipment that most digital scammers and hackers don’t. However, Mr. Bear also emphasized that the cost of many advanced analytics tools has come down and gives attackers more opportunities to break into devices.

Great responsibility

iSTARE also acts as an advisory group within Intel. The company encourages its design, architecture, and development teams to go through a review from iSTARE to implement changes before the hardware is finalized.

Isaura Gaeta, Intel’s vice president of product assurance and security, said the iSTARE team had a lot of requests, beyond what they could handle. So part of Gaeta and Brown’s job was to communicate the most general and essential findings to the various departments and development teams within Intel.

Another group of Intel, Intel, and brother companies 3

Besides finding vulnerabilities, the iSTARE team also developed a new security system. Photo: Intel.

In addition to the Rowhammer bug, chip makers around the world have faced other obstacles in securing hardware. For example, starting in 2016, Intel and other manufacturers began grappling with unforeseen security weaknesses of optimized systems.

Overall, chipmakers have had to scrutinize their processes, vulnerability disclosure programs, and fund internal security research.

“In the past few years, or even a decade, vendors have become more aware that hardware has the same security flaws as software. They’re trying to make sure that these bugs don’t appear in the customer’s product,” said Daniel Gruss, a researcher at Graz University of Technology (Austria).

“There are more and more complex vulnerabilities related to hardware” – Mr. Ang Cui, founder of security company Red Balloon

In addition, Mr. Gruss also confirmed that finding security holes is a very creative job, and companies are paying a lot of money for this department.

Of course, the iSTARE team knows they can’t find all vulnerabilities but will have the ultimate responsibility for the company’s popular products.

According to Mr. Ang Cui, founder of security company Red Balloon, the fact that hardware companies race to launch new products increases the likelihood of security vulnerabilities. As a result, groups like iSTARE will increase and play an important role in microprocessor companies.

In addition, Gaeta emphasized that by detecting security issues, iSTARE will save money and reputation for Intel and its customers. Ultimately, groups like iSTARE both help align interests between a tech giant like Intel and its creators, and help repel hackers who want to steal information.

(According to Zing)

Why did Intel quickly acquire Tower Semiconductor?

On February 15, Intel announced a $5.4 billion deal to acquire chip foundry company Tower Semiconductor.


Leave a Reply

Your email address will not be published. Required fields are marked *