ASML Holding and Taiwan Semiconductor Manufacturing Co. have ways to disable the world’s most advanced chip-making machines in the event that China invades Taiwan, according to people familair with the matter.
Depends how its set up. So long as it’s fully independent and disconnected from existing digital infrastructure it should be safer. It could be as simple as explosives hard-wired with a buried line running up into some bunker up in the mountains.
That’s what you have to do of you don’t want the invaders to get the tech. If you brick the processors they still have the machines. I’m not sure what the secret sauce is in this case, but china has a reputation of reverse engineering things in spite of foreign laws. The best way to keep it from happening is to make sure they get no part of it.
So long as it’s fully independent and disconnected from existing digital infrastructure it should be safer.
It’s a puzzle, because anything with too many safety features can be easily disarmed. But anything with too few can be prematurely detonated.
Imagine what happens to the Taiwanese economy if there’s a Chinese feint or false alarm and the facility bricks itself. A massive economic downturn would not work to the benefit of an island so heavily reliant on foreign trade.
remember the stuxnet botnet, and how nobody knew what it was for?
turns out it was programmed to activate in the very specific conditions inside the iranian nuclear reactor facilities and sabotage it. the facility was airgapped but stuxnet was so ubiquitous in the country by then, someone just needed to bring the first usb stick in for it to be a pwn. or so goes the story.
iirc the us and israel admitted to doing it years later, it was somewhere in the obama era and they wanted to sabotage iran’s nuclear program. the systems remained infected for years reporting bogus data and slightly messing with the parameters so it never worked well and their scientists remained stumped until the virus was discovered.
shows how vulnerable our systems really are to organizations with unlimited money.
In the same report, Sean McGurk, a former cybersecurity official at the Department of Homeland Security noted that the Stuxnet source code could now be downloaded online and modified to be directed at new target systems. Speaking of the Stuxnet creators, he said, “They opened the box. They demonstrated the capability… It’s not something that can be put back.”
Dealing with Stuxnet has probably advanced Iranian cyberwarfare capablilites by several orders of magnitude that they wouldn’t have otherwise. That’s the problem with using this stuff as weaponry - they don’t explode.
Geopolitics aside, the technical architecture implementation of this mechanism is really interesting for me. I think over all, having extra ability to disable these systems would prevent US launching attacks against the plants — which could cause spill over local civilian injuries — but there’s just so many more things to consider.
Is it a dead-man switch style of setup, where if it doesn’t get authorization from HQ after some time, it will stop working? Or is it a kill switch style of setup, where they can remotely issue a command to stop operation? Because different vectors then come up depending on the securing method. For example: Dead-man switch might be tricked/overcame by turning back the clock, whereas kill switch might be circumvented by severing the network connection before the command could be issued (literally cut the underwater cables before they start the invasion).
How is the mechanism itself secured? If it is certificate based like everything else, then we’d have to worry about the certificate signing authority getting pressured into signing certificates by state backed actors.
Would really love to learn about the setup one day after all these is over, to learn about the thinkings that’s been done on such an important piece of … “infrastructure”?
They’d have everything to lose. Everyone wants those machines. Disabling or destroying those machines is like slashing the only nice life raft on the open ocean. Sure, there are others, but they have cracked rubber and don’t seem as firm. Bleeding edge fabs are the oil of the 21st century.
The flip side of this is that hackers can brick the same machines…
Depends how its set up. So long as it’s fully independent and disconnected from existing digital infrastructure it should be safer. It could be as simple as explosives hard-wired with a buried line running up into some bunker up in the mountains.
By remotely I don’t think they meant a long RJ45 cable connected to nothing.
So this doesn’t look like a setup that can be fully secure.
Could even be completely fake and just to dissuade China from invading.
That would be clever.
A guy with an RC car remote, peering across the Taiwan Strait with benoculars
Stuxnet would like to have a word
Note, I said safer, not completely safe. Even a hard line to a bunker simply needs someone to locate the line and activate it.
Completely safe does not and likely never will exist, as the history of human arms evolution should demonstrate.
Assuming it wasn’t shielded and knew you where near by couldn’t you just broadcast the code or what ever with enough power to cause the same effect?
That’s what you have to do of you don’t want the invaders to get the tech. If you brick the processors they still have the machines. I’m not sure what the secret sauce is in this case, but china has a reputation of reverse engineering things in spite of foreign laws. The best way to keep it from happening is to make sure they get no part of it.
It’s a puzzle, because anything with too many safety features can be easily disarmed. But anything with too few can be prematurely detonated.
Imagine what happens to the Taiwanese economy if there’s a Chinese feint or false alarm and the facility bricks itself. A massive economic downturn would not work to the benefit of an island so heavily reliant on foreign trade.
state actors have hacked airgapped equipment before, an actual backdoor will be ripe for exploitation.
:o how?
remember the stuxnet botnet, and how nobody knew what it was for?
turns out it was programmed to activate in the very specific conditions inside the iranian nuclear reactor facilities and sabotage it. the facility was airgapped but stuxnet was so ubiquitous in the country by then, someone just needed to bring the first usb stick in for it to be a pwn. or so goes the story.
iirc the us and israel admitted to doing it years later, it was somewhere in the obama era and they wanted to sabotage iran’s nuclear program. the systems remained infected for years reporting bogus data and slightly messing with the parameters so it never worked well and their scientists remained stumped until the virus was discovered.
shows how vulnerable our systems really are to organizations with unlimited money.
Yeah… and now the Iranians have Stuxnet, too.
i’d be surprised if stuff like it werent way more common today.
So? Those backdoors have been closed since 2010 (probably earlier). Also not too many people have an Iranian Nuclear program.
The experts don’t share your optimism.
Dealing with Stuxnet has probably advanced Iranian cyberwarfare capablilites by several orders of magnitude that they wouldn’t have otherwise. That’s the problem with using this stuff as weaponry - they don’t explode.
Oh come on… this isn’t just a scrap metal press.
Sure. But a kill switch might warrant some additional investment. It’s not like your other features.
Assuming the kill switch is a real kill switch, and not just casually shutting things down in a way where they can easily be turned back on.
Geopolitics aside, the technical architecture implementation of this mechanism is really interesting for me. I think over all, having extra ability to disable these systems would prevent US launching attacks against the plants — which could cause spill over local civilian injuries — but there’s just so many more things to consider.
Is it a dead-man switch style of setup, where if it doesn’t get authorization from HQ after some time, it will stop working? Or is it a kill switch style of setup, where they can remotely issue a command to stop operation? Because different vectors then come up depending on the securing method. For example: Dead-man switch might be tricked/overcame by turning back the clock, whereas kill switch might be circumvented by severing the network connection before the command could be issued (literally cut the underwater cables before they start the invasion).
How is the mechanism itself secured? If it is certificate based like everything else, then we’d have to worry about the certificate signing authority getting pressured into signing certificates by state backed actors.
Would really love to learn about the setup one day after all these is over, to learn about the thinkings that’s been done on such an important piece of … “infrastructure”?
They’d have everything to lose. Everyone wants those machines. Disabling or destroying those machines is like slashing the only nice life raft on the open ocean. Sure, there are others, but they have cracked rubber and don’t seem as firm. Bleeding edge fabs are the oil of the 21st century.