There's definitely not enough information to reach this conclusion. The hardware exploit for example uses registers that shouldn't even exist on the chip. That smells a lot like a supply chain attack, which would make China a prime suspect as well.
Why do you believe the registers shouldn't exist rather than them being undocumented/test registers?
Having worked in the semiconductor industry, this is pretty common.
I cannot even begin to imagine how anyone could insert registers into a chip. First of all, the chip is made by TSMC and it's not like Apple give them their HDL files. TSMC will just get a GDS file which is basically just a file with a bunch of polygons defined. I would go as far as to say that it's impossible to do it at that level given the complexity of chips nowadays.
Can you explain why you think this is a Chinese supply chain attack?
The chip isn't fabricated in China. The fab doesn't have access to the HDL source code so no one can just code in malicious registers. They'd need to modify something like the chip mask precursor I think. I'm not a chip fabricator so I don't know enough to say this is impossible.
sigmoid10|2 years ago
doix|2 years ago
LargeTomato|2 years ago