How secure are Allwinner SOC we use in our OLinuXino boards?


spyware

From time to time customers ask us:

You are using Chinese SOCs. I’ve heard that Chinese government forces all Chinese vendors to place back-doors in their SOCs which to spy on you. Can you guarantee that your Linux boards have no back doors to spy on us”

I already posted about Linux-Sunxi community, which develops the Allwinner SOC mainline Linux support. What I forgot to mention is that most of the SOC features and tuning they do is done almost without any official help or documentation from Allwinner and based mostly on tips from Allwinner employees and reverse engineering.

I do remember A20 CAN module was not mention at all as existent in Allwinner datasheets at the beginning and Linux-Sunxi developers found it while hacking the chip.

So I will have to disappoint people, who believe in such myths that no, A20 chips are for quite some time now and there is nothing hidden inside, even the Boot ROM which resides in the SOC internal ROM code and is executed first is disassembled and known code.

This for sure do not give any warranty that these SOCs are bug free and that someone latter may not find and exploit some bugs (I already wrote about the level of the SOC software developers in my previous post) and to create back door to install malware or spyware, but this is not done intentional and IMO above the capacity of the software developers working in the SOC vendors.

I still do remember Allwinner released few years ago SDK where they were forgotten to remove the debug flags and if you send message “rootmydevice” to /proc/sunxi_debug/sunxi_debug, you get root privileges, but was this intentional and forced by Chinese government? I doubt so.

We build our Linux Images from Armbian project sources using their repositories and our images has MD5, so if you load our Linux Images and use in our boards we are sure there are no back doors. I know the guys who are behind Armbian project and I can guarantee they do not work for the Chinese government.

Now you can say if you found undocumented CAN inside the SOC, there may be other undocumented modules as well which to spy on us. Yes, this is possible, but even if there are such hidden resources the software we run on the SOC does not take advantage of them and activate them, you can always monitor your USB/LAN etc traffic packets and see what information go outside the chip and so far for the last 6 years A20 is existent no one ever has detected such suspicious traffic.

10 Comments (+add yours?)

  1. pvdvlis
    May 14, 2019 @ 12:41:44

    “Everything what can be done in software, can be done in hardware”.

    I think it’s not really difficult to make a backdoor in a SOC what does not have to be activated.

    Many people do not trust hardware anymore, that’s a reason we want open hardware. But that’s a long difficult way to go, I hope something like LowRisc will bring real open SOCs. I think Allwinner is usable now, but not the future. I hope Olimex will look at open source SOCs to make boards for them.

    Reply

  2. SK
    May 14, 2019 @ 20:53:25

    1. “even if there are such hidden resources the software we run on the SOC does not take advantage of them”
    2. “you can always monitor your USB/LAN etc traffic packets”

    1. You don’t need the Linux kernel to know about the backdoors if they have their own firmware 😉 That’s how things like Intel ME work – a separate computing core + ROM with code (compressed).
    2. And these have direct access to the peripherals, so Linux would not have a way to detect the usage of RAM, Ethernet, USB, etc

    Reply

    • OLIMEX Ltd
      May 14, 2019 @ 21:42:35

      correct but there are other tools which can monitor the traffic outside the board

      Reply

      • pvdvlis
        May 15, 2019 @ 10:59:41

        You can monitor the traffic outside the board, but you cannot monitor if a “special feature” is listening and waits for some “magic packet” to be enabled.

      • OLIMEX Ltd
        May 15, 2019 @ 11:49:19

        I agree that if someone wants to implement hidden spyware in the silicone it’s possible, but let’s not forget that all these additional features come at a cost of the silicon. All Chinese SOCs are designed to be produced cheap. Adding fancy spyware just add cost to their silicon. Not to mention they do not innovate too much just buy and use IP from ARM. When you sell your SOC for $10-30 like Western SOC vendors do this may not be a problem, but when you sell for $2-3 even $0.10 price increase eats significant % of you profit.

    • Christian Nobel
      May 14, 2019 @ 22:57:38

      Re 1. – Raspberry Pi is even worse, I would call it directly scaring.

      Read the section “The real brain …”:
      https://ownyourbits.com/2019/02/02/whats-wrong-with-the-raspberry-pi/

      Reply

  3. Kenny
    May 15, 2019 @ 23:32:02

    I probably wouldn’t trust the RNGs, but then again I wouldn’t trust a non-Chinese one alone either.

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: