We present attacks against unscrutinized Cryptographic Devices by the device designer/ producer. The attacks make the attacked devices behave like proper ones in the way they act, and make you believe they are correct and secure in spite of the fact that they are exposed uniquely to the attacker. The implication on trust relationships between the crypto device/software vendors and the user will be discussed as well. |