Boot malware has been seriously discussed since 2007 at various *****hat conferences. Then Snowden showed that NSA had already perfected this for their "toy store" in 2006. Mitre Corp. has done a lot of public work on this issue. Google "Copernicus" for some of their work. Those "trusted" modules? (TPM, etc.) The primary reason for their existence seems to be providing a standard so that everyone stores their secrets in the same locations, enabling the PC population to be exploited "at scale". Between the activities of the NSA & GCHQ, you can reasonably suspect _every_ Intel & ARM processor built since 2001. That oh-so-public tiff between Apple, Google & the FBI? U.S. taxpayers should at least get free popcorn to watch this spat, which is about as sincere as the WWE (ex-WWF):

http://finance.yahoo.com/q?s=wwe
https://en.wikipedia.org/wiki/WWE

At 08:28 PM 4/13/2015, Dave Dyer wrote:
Are there any documented (or even suspected) cases of exploits based on bugs in the implementation of chips? Or of features hidden in the implementation of chips?
I guess the current exploits on flash memories are close, but it's much easier to compromise a computer system "at birth" by hiding things in the boot rom or other low level embedded software.