Turtles all the way down: Introduction

The sum total of the Edward Snowden revelations have pretty conclusively proved one thing: That we can't trust anything. The communications networks wrapped around the globe like a blanket are surveilled so minutely that Russian President Vladimir Putin has openly stated his admiration for the US getting away with it so successfully. Much of the cryptographic infrastructure used to protect our communications and data at rest is known to be vulnerable to one or more practical attacks that, in the end they can't really be called effective if one wants to be honest. The company RSA has all but admitted that the BSafe libraries, which are used in dozens of software packages have serious flaws in them. To recap, in September 2013 RSA announced that we shouldn't use BSafe in the default configuration, which includes the use of the Dual_EC_DRBG pseudorandom number generator by default. Then in December 2013, it came out that RSA had a $10mus software development contract with the NSA. Taken separately, the two things are not particularly incriminating. When you put them togegther, it strongly implies that the latter brought about the former. A few days after that a patent was discovered which reveals how Dual_EC_DRBG was probably compromised. On New Year's Eve a proof of concept implementation of this attack was published. Ouch. SSL and TLS, most commonly discussed in the context of the Web but used elsewhere to protect data in motion have been debated, torn apart, PoC'd and bikeshedded to death, so I won't talk about them again. As it turns out, you can't even trust any hardware you buy. It's also come out that the NSA intercepts some computer hardware purchased online to backdoor it before it reaches the entity that bought it. Not just whole computers are compromised before they're received, even Ethernet switches, routers, and the firmware of hard drives from the biggest manufacturers have fully capable and mature attack methods for boobytrapping them already worked out. Entirely separate from the Snowden revelations, I beg you to note, security researchers have independently discovered some of the same attacks, namely, backdooring hard drive firmware and installable Cisco iOS rootkits. But wait, it gets better. In late 2013 a team of researchers published a paper (including a hands-on methodology by which the technique can actually be carried out) about an attack in which they were able to manipulate individual transistors on the silicon to undetectably meddle with important functions like random number generation (Stealthy Dopant-Level Hardware Trojans by Becker, Regazzoni, Paar, and Burleson). If they were able to figure it out in 2013, you have to wonder what was possible in previous years... say, those parts of the calendar discussed in Snowden's papers. This implies that you can't even trust commodity chips if you want to build your own gear because you can't tell if they may have been tampered with in subtle ways. Not many people are really sure what's going on in the firmware blobs loaded by common peripherals like network interfaces, graphics cards, and just about every other input/output device that we use on a daily basis. By definition, all of those firmware images are executable code, and thus they are backdoorable. If you follow the trail far enough you will discover that the radios in something as common as a cellphone are themselves Turing-complete microcomputers running their own operating systems and containing their own exploitable vulnerabilities. This is just as bad as you think it is. After the latest