Broadcom not immune to challenges
Broadcom (AVGO) is currently witnessing a strong growth environment as the demand for network infrastructure, data center applications, and automotive electronics gain momentum. Amid this strong growth, there are some security and legal concerns to consider.
Broadcom files patent lawsuit against DTS
Broadcom has filed a lawsuit with the US ITC (International Trade Commission) against DTS and its subsidiary, Phorus, accusing the latter of infringing patents related to audio processing technology. Broadcom noted that its Play-Fi wireless audio streaming technology streams audio from one device to another audio device, which would soon include Amazon’s (AMZN) Alexa, through a wireless network.
The company has asked ITC to prevent DTS from importing products that use the infringed patent. This lawsuit adds to the various lawsuits between Broadcom and Tessera, which acquired DTS in October 2016.
How does the lawsuit impact Broadcom?
Broadcom spends a large sum on research and development involving new patents. Several licensees pay Broadcom to use its technology.
If a patent is infringed, it would negatively impact Broadcom’s earnings and discourage the company from exploring new patents. It’s particularly important for Broadcom to protect its technology, which is the core of its competitiveness in the semiconductor market.
Hackers attack through Broadcom chips
Broadcom’s BCM4354, 4358, and 4359 chips were affected by a bug. These chips are used in several phones manufactured by HTC, LG, Google, Samsung (SSNLF), and Apple to connect to Wi-Fi.
Exodus Intelligence security researcher Nitay Artenstein identified this bug, dubbing it Broadpwn. In a blog post, he explained that Broadpwn not only allows a hacker to take control of a device that enters the target Wi-Fi range, it also allows the hacker to convert the infected device into a rogue access point to infect other nearby phones. As a result, these devices spread the Wi-Fi worm.
Although Google (GOOG) and Apple (AAPL) have written patches to fix the Broadpwn bug, this incident has raised concerns over the security of Broadcom chips, as this is not the first time a security issue has occurred. In early 2017, Google’s Project Zero research team member Gal Beniamini found a Wi-Fi flaw in Broadcom’s chips that allowed a hacker to control a device that comes within the target Wi-Fi range.
What does Broadpwn mean for the technology industry?
At the Black Hat security conference, Artenstein stated that application processors running operating systems like Android and iOS have become more secure over the years due to continual upgrades. So, hackers are looking at weaker areas that can be exploited. Because smartphone makers source components from third parties, they do not have complete control over the chips’ codes. As a result, third-party components allow hackers to exploit these holes.
Incidents such as Broadpwn highlight the need to enhance hardware component security, which could lead to a deeper collaboration between chipmakers and handset makers to produce secure components.
Broadcom is facing another challenge that is related to its acquisition of Brocade Communications Systems (BRCD). We will look into this in the next part of this series.