Monday, May 26, 2014

"The ghost in the machine"

I recently purchased an ASUS Transformer Book T100TA-C1-GR.  Other than running Windows 8, it has a BCM4330" chip.  Interestingly, this chip has some of the features that are not being exposed to the OS.


According to Broadcom's website, the BCM4330 has an onboard FM transceiver.  While this is likely targeted toward cell phones, it isn't made available to Windows through the supplied drivers.  However, in addition to the FM transceiver, the chip also has an on board ARM processor with integrated flash storage.
been a great tablet.  However, some people have had trouble with the wireless card.  Looking in the device manager, I discovered that the wireless card identifies itself as a "Broadcom 802.11abgn Wireless SDIO Adapter."  A quick Google search revealed that the wireless card utilizes the "

The question is, how did ASUS integrate the SDIO controller?  If the SDIO controller sits directly on the PCI bus, the BCM4330 could, in theory, read and write to anything in RAM.  And, given that the BCM4330 has an unused FM transceiver, the FM transceiver could be used for remote intelligence gathering.

If the antennae wiring inside of the Transformer Book is anything like a cell phone, the FM transceiver antennae is probably not connected or if it is, it may be connected to the headphones jack.  If this is the case, the concern over the FM transceiver is probably limited.  But, even if it were difficult to receive a signal from the BCM4330, it would fairly straightforward for an attacker to transmit to it.

Of course, this is all suggesting that the BCM4330 had some nefarious firmware loaded...

Addendum: Actually, come to think of it, it would make much more sense to monitor an FM frequency for a catalyst signal.  Then, rather they broadcasting over FM (an easily monitored/detected frequency), it could broadcast over the standard 802.11 frequencies.  Of course, this would be done without broadcasting the SSID and would likely be encrypted.  Anyway, more food for thought.

No comments:

Post a Comment