Comments on: TPM crytography cracked

By: Nitori

Nitori — Tue, 16 Feb 2010 19:12:25 +0000

TPM is too ambiguous and was going to be broken esp if it’s used as DRM.
That makes a security platform too big a target to the point it should be considered insecure.
Maybe people who need high security should use something like truecrypt along with something like an ibutton for the encryption keys that can be removed from the computer to be secured.

That way if a laptop is stolen they can’t get the data if they don’t have the ibutton as well.

By: googfan

googfan — Tue, 16 Feb 2010 16:51:22 +0000

@fanlashtic

ASCII fail

By: DanAdamKOF

DanAdamKOF — Tue, 16 Feb 2010 03:26:29 +0000

If this means cheap third party Xbox 360 controllers then this is awesome.

By: Fanlashtic

Fanlashtic — Fri, 12 Feb 2010 16:16:19 +0000

______ _______ __ _ ______ | \ |_____| | \ | | ____ |_____/ | | | \_| |_____| xD THATS FUCKING AMAZING!

By: minxo

minxo — Thu, 11 Feb 2010 22:35:27 +0000

@greycode: Hardware isolation specs and security bits don’t usually come with the chip unless you pay extra..just look at OMAP. Buyers don’t get any of the security specs.

Even with current DRM dongles over half of them have OCD open on the chip.

By: greycode

greycode — Wed, 10 Feb 2010 22:08:25 +0000

I have been doing crypto security for years. I know of only ONE perfect tried and true crypto system. One time pads. Even then, if you use them incorrectly, they will even be cracked. So no matter what you use, it comes down to following correct protocols.

Pretty damn sure that if someone is able to come in, take your chip apart, that the actual breaking of this crypto system is the LEAST of your problems. Your physical security of your information is paramount, even to the security of your crypto hardware, or software.

Might want to call Schlage, and someone to watch the place a little bit better. If you do this, then the hacking of the chip and the cracking of the crypto is going to be beyond the capabilities of most. This makes the hack/crack nice to know, but not realistically possible if you are paying attention. If your physical security is good, the only person going to get this done is James Bond, and Ian Fleming is not writing much these days.

By: Oren Beck

Oren Beck — Wed, 10 Feb 2010 17:12:13 +0000

There’s a term called “Realistic Threat Evaluation” which seems to be missing here. TPM will decrease the mundane percentages of “Threat” compared to not using it. If someone is in a situation where their data being compromised warrants Flylogic’s level of destructive entry? Then they may consider using multiple layers of better total practices. Like simple prevention of any access to any devices holding risky data. Anything humans have developed “can and will” be compromised. All we can do is report excellent work like the TPM breach in a responsible fashion! As in – contact the no-longer “inviolate” device/system’s security officer to give them lead time for safe handling. Do that and you’re a Hero. If you skip the notification step, then publish/share an exploit that wreaks Havoc? Well, then you risk losing all claim to being of good ethics. And by extension that risks all legit Hackerdom being tarred as indefensible criminals.. Think it over damned carefully eh?

By: minxo

minxo — Wed, 10 Feb 2010 15:28:55 +0000

This is just a side channel attack just like with DRM dongles..the crypto is secure..the isolation that protects keying failed..

By: Cynical

Cynical — Wed, 10 Feb 2010 14:33:18 +0000

“Made in China”

Well there goes all your security out the window. Thing’s probably full of Chinese hacker backdoors.

By: JustMe

JustMe — Wed, 10 Feb 2010 12:12:11 +0000

He has a very nice blog about CMOS chip reversing:
http://www.flylogic.net/blog/

By: F.

F. — Wed, 10 Feb 2010 10:39:23 +0000

Why is protective foil still covering the heatsink in that image? (Shiny, scratch-free heatsink ornaments? What has the hardware business come to…)

@Mike Szczys: Your continuing efforts to spellcheck the posts are appreciated. However, you shouldn’t forget the title. ;)

By: markii

markii — Wed, 10 Feb 2010 07:07:19 +0000

Now this hacked my day :)

By: error404

error404 — Wed, 10 Feb 2010 04:10:49 +0000

Not a crack.

By: blue carbuncle

blue carbuncle — Wed, 10 Feb 2010 02:12:20 +0000

Meaning the attacks will be easily traceable to a small group of skilled individuals with even further individualized finished products (melt depth, bus connection) which is again further reduced by individuals that will find another much easier chink in the armor in a peripheral’s flaw? How will they ever find them lol?

By: cgmark

cgmark — Wed, 10 Feb 2010 01:25:52 +0000

Something else to consider is that while it gave him info on that specific chip it does not mean that he could take the information and use it to open another TPM chip from the same manufacturer. They often contain keys that are unique for each ic produced so TPM still remains viable.

I saw a video once where they were producing security ic and when the dies were created there were a group of 32 connections left unconnected. In the final stage those 32 connections were connected by a machine in a manner that made the internal key unique to that single chip.