[Cryptography] programmable computers inside our computers (was: Hasty PRISM proofing considered harmful)
Sebastian Krahmer
krahmer at suse.de
Wed Oct 23 02:59:46 EDT 2013
On Tue, Oct 22, 2013 at 12:29:33PM -0400, Tom Ritter wrote:
[...]
> On 22 October 2013 05:24, Ruben Pollan <meskio at sindominio.net> wrote:
>
> And to add another, there was a presentation on ARM TrustZone, the OS
> inside your CPU, that seems so designed for backdoors that ARM
> actually gives tips for running TrustZone invisible to the normal OS.
> https://www.hackinparis.com/sites/hackinparis.com/files/Slidesthomasroth.pdf
>
> These are increasingly worrying me as well. The Secure Element on
> Android can at least (if you root and edit the .xml file) be queried
> to learn identifiers of what is installed there, if not directly
> interact with them.

If you are really worrying about that, you are decades too late. :)
ARM-TZ-alike features are already there in other CPUs, called SMM, VT-x or SVM,
or in your board, called IPMI or AMT - or more generic OOB-Management. Or if you
worry about phones, it's called SIM and SIM-toolkit (and this list is far
from complete).

Yes, if you want a real trustbase and crypto that stands, you have to open-source
all of it.

Do you know what your keyboard controller is doing? :)
http://www.youtube.com/watch?v=tmZ4yXuDSNc

Sebastian
--
~ perl self.pl
~ $_='print"\$_=\47$_\47;eval"';eval
~ krahmer at suse.de - SuSE Security Team