
A Brief Rundown Of The Spying Questions Intel’s CEO Won't Answer

84 points by danielsiders about 11 years ago

6 comments

tptacek about 11 years ago

The article's title is misleading; Intel has answered this question. They deny collaborating with NSA.

To that, add that there's no evidence anywhere of any such collusion, and that Intel retained Cryptography Research to assess their CSPRNG design.

By pluralizing the word "question", the article injects further misinformation. There's *one* question people are asking about Intel: "why should we trust the RDRAND instruction?". The question is asked not because there's any evidence that RDRAND is compromised, but because CSPRNGs are a uniquely powerful point in a cryptosystem to insert a backdoor. Backdooring the AES instructions is harder; AES is deterministic, so there's not much you can do with an "evil" AES. Not so with an RNG.

But RDRAND is a stupid backdoor. On every mainstream OS, including the two mainstream mobile OSs, RDRAND is (at best) one of several sources of entropy. In the Linux kernel CSPRNG, in FreeBSD's Yarrow, and in WinAPI's CryptGenRandom, controlling one entropy input (or even all but one of them) doesn't make the CSPRNG's output predictable. So even if it is backdoored --- which would be silly --- that backdoor probably doesn't impact you in any meaningful way.

Cryptographers are wary of RDRAND. It's a closed, proprietary design. Cryptographers would rather you use urandom to get your randomness, and if the OS wants to use RDRAND as one of its entropy sources, whatever. Cryptographers would say this whether it was Intel's hardware RNG, Apple's, Samsung's, or Broadcom's.
bananas about 11 years ago

But he did answer them:

http://www.reddit.com/r/IAmA/comments/1ycs5l/hi_reddit_im_brian_krzanich_ceo_of_intel_ask_me/cfltop4

The wording is carefully chosen so I'll let people draw their own conclusions from it.
ama729 about 11 years ago

I'm not knowledgeable in the intricacies of cryptography, so this is something that bugs me: how can the Random Number Generator be backdoored in a way that would be usable for the NSA without being detectable?

Surely you could graph the numbers that the RNG outputs and see if it's random or not, no?
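An added illustration, not code from the thread or from any of the systems named in it, of two points raised above: tptacek's claim that a pool which hashes several entropy sources together stays unpredictable when only one source (here a stand-in for a backdoored hardware RNG) is attacker-controlled, and ama729's question whether plotting the output would reveal such a backdoor. The toy pool, `BackdooredSource`, and `VENDOR_KEY` are constructed assumptions, not a model of RDRAND or of the Linux pool.

```python
import hashlib, hmac

class BackdooredSource:
    """Stand-in for a backdoored hardware RNG (constructed, not a real RDRAND
    model): an HMAC-SHA256 keystream under a key only the vendor knows, so the
    output passes any statistical test yet is fully predictable to the vendor."""
    def __init__(self, vendor_key: bytes):
        self.key, self.ctr = vendor_key, 0

    def read(self) -> bytes:
        self.ctr += 1
        return hmac.new(self.key, self.ctr.to_bytes(8, "big"), hashlib.sha256).digest()

class Pool:
    """Toy hash-based entropy pool in the spirit of the kernel CSPRNGs the
    comment names: every source is hashed into one state, none is used alone."""
    def __init__(self):
        self.state = b"\x00" * 32

    def mix(self, data: bytes) -> None:
        self.state = hashlib.sha256(self.state + data).digest()

    def extract(self) -> bytes:
        out = hashlib.sha256(b"out" + self.state).digest()
        self.state = hashlib.sha256(b"next" + self.state).digest()  # ratchet state
        return out

VENDOR_KEY = b"constructed-vendor-secret"  # assumption: known to the backdoor's owner

def pool_output(independent_entropy: bytes) -> bytes:
    """Seed the pool from the backdoored source plus one other source."""
    bd, pool = BackdooredSource(VENDOR_KEY), Pool()
    pool.mix(bd.read())
    pool.mix(independent_entropy)
    pool.mix(bd.read())
    return pool.extract()

def attacker_predicts(independent_entropy: bytes, attacker_belief: bytes) -> bool:
    """The attacker knows VENDOR_KEY and replays the backdoored source exactly;
    the output is reproduced only if their belief about the other source is right."""
    return pool_output(independent_entropy) == pool_output(attacker_belief)

def ones_fraction(nbits: int = 4096) -> float:
    """Fraction of 1 bits in the backdoored stream: about 0.5, i.e. it 'looks random'."""
    src = BackdooredSource(VENDOR_KEY)
    bits = "".join(f"{b:08b}" for _ in range(nbits // 256) for b in src.read())
    return bits.count("1") / len(bits)
```

With every source known to the attacker the output is reproduced exactly; with one independent source unknown it is not, while the backdoored stream itself shows no statistical bias.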
conformal about 11 years ago

a favorite song of mine by kool keith comes to mind: "i don't believe you" ( https://www.youtube.com/watch?v=Bc5cOohfHhA ).

the world's largest cpu manufacturer, which also happens to be based in the US, _not_ having NSA-mandated backdoors is entirely out-of-the-question. even if the cpus are not backdoored, you can bet all the NIC firmware "happen" to have a remote update path enabled, despite it not having a legitimate application in non-development environments.

intel is tre-owned and always has been.
yuhong about 11 years ago

Personally, I asked about early Pentium Ms lacking PAE.
fiatmoney about 11 years ago

Intel NICs are a far more plausible, useful, and hideable location for a backdoor (or even just an unintentional vulnerability) than RDRAND.