Pandora, Cassandra, and Aristotle: An Ancient Greek Perspective on Hardware Trojans - Joeseph FitzPatrick
Over time, our hardware has become smaller, faster, cheaper - and also incredibly more complicated. Just like with software, this complexity brings with it both an increased attack surfaces and a more difficult detection problem.
Unfortunately right now - when it comes to hardware implants in the form of trojanized boards, components, and silicon - the discourse is focused on sensationalism. We've got devices few people have heard of doing things few people realize is possible, perhaps happening on a scale fewer people understand. When it comes to hardware details, it's all Greek to laypeople, and even to most software security experts.
I'll present on how we can approach modern, rational discourse and investigation into hardware implants by building on a few factors that have been understood since the classical age. Pandora had the curiosity to open the box, even when authority dictated otherwise. Cassandra had the foresight to see what was within the realm of possibility, even while others dismissed her claims as fantasy, paranoia, or madness. Luckily, Aristotle's empiricism is the root of a rational process I will describe which can let us test a Pandora's discoveries and a Cassandra's claims for both potentiality and actuality.
Hopefully you'll walk away with a better understanding of the state of hardware security, but more importantly, a few more concepts and a process that will both guide your analysis of hardware and help you gauge the validity of public claims about hardware trojans.