Saboteurs in Silicon

Via Slashdot (DARPA Sponsors a Hunt For Malware In Microchips) & BoingBoing (Hunt for the kill switch in microchips) — A story making the rounds today discusses the possibility of embedded instructions that could disable or allow spying through hardware chips.

This may be one more reason to look toward the model Transmeta was pushing several years ago: hardware chips that rely on software (firmware). Code is easier to audit than silicon, and it would also potentially mean that the life of the hardware could be extended.

Obviously using such tech for every chip is price-prohibitive at this point, but critical chips could use a mixture of this model and blind redundancy (whereby two manufacturers build chips to spec and both are soldered, either one is arbitrarily used when that part of the hardware is invoked).

Non-critical chips should be vetted and reused in future projects with a battery of tests to verify integrity. A chip lifecycle should be established to upgrade the approved chips list on a regular basis.