CHOICE membership

Whose computers and software can you trust?

#1

The US Government has recently announced a few bans of products from use by its government agencies. These include antivirus software from Kaspersky (Russian) and mobile phones from Xiaomi (Chinese). The basis for the bans is that the products are considered to be potentially compromised by the parent governments. (I have not included links here, but there is plenty of online discussion about the bans.)

A security podcast to which I subscribe, produced in the US and with a fairly US-centric view of the world, recently asked the (hypothetical) question “Why would any other country rely upon Microsoft or Intel products?” This is a fine point.

We have plenty of evidence of the US spying on other countries and collecting vast amounts of Internet data, as well as pressuring web and other companies to give it open access to all the data they have - whether via secret court order or simply through ‘handshake deals’. There is also evidence of other countries being ‘bad actors’ on the web - but none of them have the reach of the inventor of the Internet, through which most Internet traffic travels.

Apparently Microsoft has opened its source code to some governments in order to get permission to sell in those countries. Perhaps Intel has done something similar with its chip designs, but it still came as a shock to many to find that most Intel chips have a ‘back door’ called the Intel Management Engine or Active Management Technology, which stays on even when you turn off the computer via its power button (turning it off at the wall means all bets are off).

So - has the Australian government checked Microsoft’s firmware for any nasties that might be planted therein? Should Australians be worried about their Xiaomi - or Apple, or Samsung - phones? Is someone sucking all my top secret information out of my computer every night, and selling it somewhere on the TOR network?

I suspect that the answers to these questions are no, maybe, and probably not - but they remain concerns for consumers and their employers, whether government or business (one of the leaked US spy efforts was against a Brazilian oil mining company, and intellectual property is extremely valuable).

Does Choice have a view on whether - and how - consumers might minimise their risks when buying technology, almost none of which is invented, designed or manufactured in Australia?


#2

I’m not aware of any CHOICE articles or commentary on the potential security issues or threats as described above, but I’ll be sure to pass it on to our investigations team for further consideration :thumbsup:


#3

Logic suggests that if it remains on when the power supply is switched off, then it must be battery powered, in which case pulling the plug would make no difference.


#4

In the primeval days of computing and magnetic disks ‘the government’ could recover data that was patterned over 5 times, and could often get data from core memory boards and RAM chips brought from COCOM restricted countries back to the US for repair. Secure government facilities never repaired, they destroyed. I could but imagine how far techniques and skulduggery have come since.


#5

The standard PC has several different ways of ‘turning it off’. Please note that this advice does not apply to laptops and tablets, which have fairly powerful batteries. All other computers contain batteries, but these are usually just coin-sized devices for keeping a few minor things going.

The main way to turn your computer off, on the front of the machine, is the ‘power’ button. This turns off most but not all power - so for example that battery in there doesn’t get drained unnecessarily by keeping track of the time and date. It also allows the AMT module to keep running, so that (for example) your IT administrator in a large organisation can send out updates overnight, via the (also still operational) Ethernet port*.

The second power-off option, which is not available in all PCs, is at the back of the PC on the power supply unit. My understanding - and I am happy to be corrected - is that turning your computer off here would turn off all power (e.g. if you wanted to do some work inside).

Thirdly you have the power point. Turn the power off here, and it’s definitely off - unless you have a battery (e.g. Uninterruptible Power Supply or UPS) between it and the PC; you would want to turn this off as well, to ensure the line is dead.

*The AMT chip is able to access your computer’s Ethernet port. One way to stop it from having access to the outside world is to use a secondary Ethernet port. You can get these cheaply, as USB to Ethernet or as internal PCI cards. If you get your Internet via that secondary port, then the AMT chip cannot communicate with the outside world.


#6

Gotta love the hardware (drive/board/etc) shredder - and people think paper shredders are noisy…


#7

So if you are using wifi rather than ethernet, and the wifi card isn’t powered when the computer is “off” then there is no access?

I’ve had to replace computer clock batteries before, after a number of years, and they can certainly power digital watches for a number of years without being charged… but maybe things have changed since I last used a desktop some years ago.


#8

There are many programs available that will wipe and rewrite data to your storage ‘many’ times. I understand the ‘standard’ is currently DOD 5220.22-M - with the ‘DOD’ representing the US Department of Defence, which created it. This involves overwriting each bit thrice, as described in the linked article. The standard software that is used is called Darik’s Boot and Nuke (DBAN) - which does what it says on the label and is free for personal use (with the caveats stated on the website - it appears that Darik has been bought out).

As stated on the DBAN website, SSDs are a bit different, but there are tools to wipe these as well. (Importantly, SSDs can only be written to a limited number of times.) This article discusses how it’s done.
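
To make the overwrite idea in post #8 concrete, here is an added example (not part of the original post, and not DBAN's code) that overwrites a single file in place three times and reads each pass back to check it. The pass patterns (zeros, ones, random) are the ones commonly cited for the three-pass scheme and are an assumption here, as are the names `wipe_file` and `PASSES`.

```python
import hashlib
import os
import secrets

CHUNK = 1 << 20  # 1 MiB per write keeps memory use flat on large files

# Assumption: patterns commonly cited for the three-pass scheme (the post
# only says "thrice"): all zeros, all ones, then random data.
PASSES = (0x00, 0xFF, None)  # None means random bytes

def _one_pass(f, size, pattern):
    """Overwrite the file once; return the SHA-256 of what was written."""
    digest = hashlib.sha256()
    f.seek(0)
    remaining = size
    while remaining:
        n = min(CHUNK, remaining)
        block = secrets.token_bytes(n) if pattern is None else bytes([pattern]) * n
        f.write(block)
        digest.update(block)
        remaining -= n
    f.flush()
    os.fsync(f.fileno())  # ask the OS to push this pass out to the device
    return digest.hexdigest()

def _read_digest(f, size):
    """Read the file back (possibly from the OS cache) and hash it."""
    digest = hashlib.sha256()
    f.seek(0)
    remaining = size
    while remaining:
        block = f.read(min(CHUNK, remaining))
        if not block:
            break
        digest.update(block)
        remaining -= len(block)
    return digest.hexdigest()

def wipe_file(path, remove=True):
    """Three-pass in-place overwrite of one file, checking each pass.
    Returns the number of verified passes; raises IOError on a mismatch."""
    size = os.path.getsize(path)
    verified = 0
    with open(path, "r+b") as f:
        for pattern in PASSES:
            if _one_pass(f, size, pattern) != _read_digest(f, size):
                raise IOError("verification failed for %s" % path)
            verified += 1
    if remove:
        os.remove(path)
    return verified
```

This only covers the blocks the file currently occupies on a plain filesystem on a magnetic disk; on SSDs, and on filesystems that write new data to a different location, an in-place overwrite is not guaranteed to reach the old data, which is why whole-device tools are used instead.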


#9

It depends? If the WiFi card is not built into your motherboard, then there’s no access.


#10

So do you have absolute trust that the electronics packages on the devices have not been diddled with?


#11

Unfortunately not. I do have trust in open source programs, but any electronic device that I own may well have been attractive to some customs agent who wanted to do something… wait, you mean - ? Unfortunately, we live in a world that relies upon trust and in which trust is all too often proven to be misplaced. As is diddling.


#12

My (optimistic) view only - I believe the only choice we have is who we give our data to - not whether we give it, as we’ll be giving it to someone whether we like it or not, whether we know it or not - we can make it easy for them, or we can make it hard(er) for them, but if we are interesting enough they will have it sooner, if we are less interesting they will have it later - based entirely on their priorities. Whether we trust some (hard|firm|soft|wet|vapour)ware from some particular geopolitical context is a choice we might like to feel good about thinking we made with some knowledge or insight we thought we had, but that’s about as far as it goes - heads you lose, tails they win. My realistic view is somewhat more bleak … and my pessimistic view, well …


#13

Yes you are correct, it disables all power to the power supply in the same way a switch on the wall does.

Using the power button on your computer in modern ACPI (Advanced Configuration and Power Interface) based computers puts the computer into what is termed G2 or “soft off”. This as a minimum supplies power to the power button circuit so if it is pressed the computer will restart, but it can also continue to supply other components on the system, e.g. for Wake on Mouse, Wake on LAN or Wake on USB. It is a very low power state but is still powered.

G3 is when you turn the switch on the PSU or the wall off; this is a mechanical off. The computer in this state is completely off (and the UEFI/BIOS button battery keeps the clock running).

Sometimes, to recover from an error state, a “soft off” is insufficient and a mechanical off is required, or even a hard reset of the power, which involves holding the power button in until the computer shuts down, then turning off the power (still holding the power button in), then, while still holding the power button in, turning the power on again; each step takes at least 15 seconds to do before the computer can be hopefully successfully restarted. What data is retained that this is needed is perhaps concerning and shows not everything is always cleared on a soft off.


#14

The Australian Govt. has a long way to go before they can say their computer systems can be trusted (even though systems created by commercial third party entities can never be fully trusted)… This from IT News this morning re the ACT govt and this type of article turns up often.


#15

Unfortunately there were some incredibly short-sighted decisions in the late 1990s, in which the Commonwealth decided that IT was not a ‘core business’ and outsourced most of it. Not only did this prove extremely expensive financially, but it meant that control over a strategic asset was lost! The Commonwealth is continuing to (gradually) recover from this fiasco, which also resulted in the loss of decades of experience.

It is only gradually that governments - and some businesses - are realising the importance of their ICT infrastructure and the risks you take if you cede control.

As a side consideration, would the Commonwealth have experienced its recent gargantuan ICT failures (census, Centrelink etc.) if it had not disposed of its infrastructure and expertise for pennies on the dollar? Had it kept those resources in-house, would it have been able to do the job properly? Instead it relied upon badly written contracts with IBM et al (international company, anyone?), that used poor assumptions (in the case of CensusFail, at least) and found mud on its face when the system fell over after the PM announced on Twitter how easy it had all been.

IT is central to a business’s success or failure. Too many continue to outsource it, and then find that their provider has failed in basic areas (Target in the US, breached through its cleaning contractors, is a case in point). While a small entity cannot afford to get it right, a large one cannot afford not to.


#16

Outsourcing was the MBA’s flavour of the decade back when. As bad a decision as that was, the reality is that government also shrank agency budgets, added the efficiency dividend, and slowly strangled them, and the gasps for ‘air’ go on. The BOM even has advertising on its site from government edict to try to shore up insufficient funding.

As for security, many if not all agency heads did not have the resources to do it beyond lip service. Government had security auditors who called out sysadmins not changing passwords routinely and similar saws, while ignoring hardening and isolating critical systems from penetrations or even running penetration tests.

The rot was and remains endemic and many of the agencies do not have any expertise for ‘mission critical’ operations with predictable but rare failure modes. Some of their best are as far seeing as most of the government ministers :frowning:


#17

Yes, the Australian Government decided to follow America’s lead in outsourcing anything which was not ‘core business’. I remember having to justify what was ‘core’ IT&C to the organisation, only to be overruled by beancounters. Ironically, this was despite the fact that America was already turning the corner and large corporations were starting to return IT back to their control after encountering the obvious pitfalls.

As with so many things, our Governments did not, and do not, learn from overseas experience, just follow behind ideological leads slavishly.

Also, the constant Machinery of Government changes (relocating Government organisational components from one Portfolio to another) have resulted in many Departments having a mishmash of computer systems. The lack of resources and the variety of computers and systems within organisations makes it difficult to keep things running, never mind keeping them secure.

For a cracking read (it’s relevant to this discussion) read: Peter W Singer - Ghost Fleet - A novel of the next world war


#18

That’s the neo-liberal model… sell and outsource… best way to lose control :wink:


#19

Looks like others feel the same concerns… this in this morning:


#20

Unfortunately there is evidence that the rot across governments coupled with their inability to recognise smoke and mirrors from reality and inclination to buy the salesman’s farm could be insurmountable in the short to medium terms IF government accepts it needs to respond. Government could continue putting its head in the sand with a she’ll be right since it costs money and tax cuts for business are more important than government services - except for pollie pay and perks of course.

Not too many years ago an agency designed a system installation to have redundancy including if the facility had all but totally catastrophic plant failure (eg the building inexplicably collapsed). When I saw the approved plan it was obvious there was a serious single point of failure that was not hard to correct, made by a well meaning ‘novice’ and approved by even less attuned ‘novices’ since there was no longer heavy duty in house expertise, but the plan was approved and that mattered; the lead had a choice of moving ahead with what was revealed to be a risk-laden plan for relatively minor failures and getting the program down the road, or starting again and being years late when all the mea culpas and a revised plan would be vetted and approved by self-serving external consultants who themselves might not have had much more of a clue than the internals, since government and agency heads rarely want to hear about bad news so they get good news.

Government is good at ‘I reject that (fill in whatever)’ and go about their merry ways.

s/been there and am as cynical as ever