Hacker News new | past | comments | ask | show | jobs | submit login

It's quite feasible. State of the art FPGA chips are typically manufactured in third party fabs. These are primarily TSMC, GlobalFoundries, and UMC. I'm guessing Intel's acquisition of Altera will result in a more "trustworthy" FPGA. In a nutshell, if a state actor can access the fab, it can insert a backdoor.

With circuit design, fully independent verification has not been solved yet. The primary reason is that fabrication, especially at lower process nodes, is extremely complex. So even if you had a "3D IC printer" at home, you still need to trust the manufacturer of that printer, as well as the manufacturer of the key components of the printer. Taking that even further, you need to trust that each of those components was manufactured by a trusted fab. It's turtles all the way down.

If I were to design such a printer from scratch, I would have a consortium of known companies oversee the design of the first printer and all of its components in a closed environment with 24/7 surveillance. All circuits would be fabbed using a manual, low volume process. Once the initial printer is complete, all the circuits of subsequent printers would be fabbed using this root printer. There are shortcomings with this technique too, but it's probably the best way to go about doing it (with current tech).




I agree that trusting the manufacturer of the fab would constitute a potential attack vector, but if the fab was capable of reproducing itself (in conjunction with other tools, of course) then persistent subversion of the fab would be analogous to a trusting-trust attack. And just like trusting-trust attacks can be satisfactorily mitigated (e.g. via diverse compilation), so could a trusted hardware toolchain eventually be produced. The question then is just whether such a thing is worth the large effort. :)


The raw resources alone - not considering the labor and technology - required to build a fab and maintain it are so staggering that I just can't see that happening anytime soon.

Besides, the fab itself isn't the issue. Rather, the equipment used during the fabrication process itself are the weakest link, so to speak. Further, if we consider the feasibility of insider attacks, the people who maintain the fab are potential targets as well.

So, I think achieving what you propose would require: 1) access to an immense amount of resources, 2) the capability to self-manufacture the tools required to manufacture ICs, and 3) an AI that can operate the fab.

The third point alone is so far off that I'd conclude it's going to be impossible for a long time.


I think you're underestimating the cost of building a fab by several orders of magnitude.


This is a hypothetical far-future question, I'm not here expecting anything like this in my lifetime. :)




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: