BI: Could you respond to this Errata post specifically?
1) We have made no reference to any Chinese involvement in either of the released papers or any reference to espionage. Therefore we don't agree with Robert Graham's assertion that we suggest Chinese involvement. So we have no idea why people have linked the Chinese to this as it did not come from us.
2) As far as we are concerned the back door was implemented by the manufacturers at the design stage and we suggest that in the papers.
Ok? So now we can all agree that the article of the original thread is about fraudulently copied functional equivalents, and not Chinese espionage like Sergei Impliedalotovstov says he's not alluding to. And we can agree that your rebuttal's author Sergei found a method to read out Actel's FPGA programming....which would allow certain data to be read if you could clip wires onto that physical system.
Wooptiedoo! Anyone who has ever fired up an evaluation board with a microcontroller or FPGA from Actel or Xilinx has known this for decades.
I've already mentioned upthread a more glaring, public, non-hidden problem with FPGAs which have the ability to be programmed via serial links and networks. So yeah, those systems could be vulnerable to cyberattacks from Korea or Russia or Israel or China. But that is coming from insecure design and development of the intended, advertised product MADE IN THE USA. Not Chinese "backdoors" in resistors!
But Sergei Wrotealotovrot did a smart thing by fanning the espionage flames. Otherwise his "expose" of an obvious internal exploit for a particular US design would've gotten ho-hum interest from anyone who knew anything about JTAG programming of FPGAs. BTW, you realize that the engineers who implemented that JTAG logic function have a design spec internally, and they have a Verilog or VHDL description of it, and tested it internally. Anyone who worked on that project knows everything Sergei Didalotovnada learned, and was not under any kind of military clearance, and might not have even had a non-disclosure agreement with respect to emailing it to a colleague, customer, student or chinese spy!
There is an OBD-II test port under your dash in your car. Sergei Solderingiron could go to the dealer with your car and tap on to the link while the dealer connects his diagnostic computer, and Sergei could write a paper about undocumented OBD-II registers on your particular ECM.
That ECM and/or other chips in the car may be made in part or in whole in China. Some of the components may even be fraudulent copies of legitimate chips.
Sergei may have another interesting paper, and Sergei may be able to even write some registers to lean out your engine and burn a valve if you let him in the car and let him reprogram it.
But nobody in Beijing can flip a switch and make your car go dead in an intersection!
Test Port ≠ Remote Backdoor