[Cryptography] USB 3.0 authentication: market power and DRM?

[Jerry Leichter]

> Authentication chips in every computer cable is disaster in the making. It’s an opportunity for cyber-sabotage on a grand scale too good for major powers to pass up. A small fraction of cables in service containing a chip that can be triggered remotely to fail or to load malware could wreak havoc on a modern economy....
You're confusing two things.

*Authentication* chips in computer cables are supposed to be a way of protecting users from cheap and potentially dangerous cables.  In reality, they are more likely to be a kind of DRM, maintaining the profits of the cable makers.  We didn't need them to have safe power cables - we looked for the UL label.  We don't need them for computer cables.

*Chips* in cables are a done deal.  The kinds of speeds we are pushing through copper today are impossible without active components to do pulse shaping and various other kinds of adaptation.  Why it's worse to have those chips in the cables than in the jacks (that may be possible, but you really need to be right near the cable for this kind of things to work) is beyond me.

Of course, if you go fiber rather than copper, you need a chip to do the translation between the electronic and photonic domains.  At least some part of it has to physically couple to the fiber.

Every chip can potentially be compromised.  Chips in cables seem neither more nor less vulnerable than others.  I see little basis for singling chips in cables as particularly hazardous.
                                                        -- Jerry

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160504/ed8603e6/attachment.html>