Modern computers — nay, most CPU-based devices — are too complex for any one person to understand every component. That includes the people who design and manufacture them.
Hardware and software system designers assemble modules (“subassemblies”) whose inner workings are unknown to the system designer. The system designer cares only about the modules’ inputs and outputs — the “guzintas” and “guzoutas”.
This has security implications, now that system manufacturers purchase subassemblies worldwide. System designers can avoid unpleasant surprises by tightening subassemblies’ input/output specs, but still it’s difficult to discover hidden backdoors. Huawei Technologies Co. Ltd., a large Chinese networking manufacturer and services company, has been accused of incorporating backdoors into its networking equipment.
The old tried and true quality control method of source inspection, or even 24/7 on-site inspections as performed by the US Defense Department’s DCAS (Defense Contract Administration Services) may be required to keep vendors honest. One result of tighter quality control is higher prices. Consumers won’t pay higher prices, so I predict that consumer-grade products will become increasingly insecure.
The result of poor traceability is counterfeiting. Here’s a quote from my article titled US agencies catch SOME counterfeit network gear: “Cisco gear is so widely counterfeited in China that there’s a word for it: Chisco.”
Visit my website: http://russbellew.com
© Russ Bellew · Fort Lauderdale, Florida, USA · phone 954 873-4695