On Fri, Mar 28, 2025 at 07:04:05AM -0700, ron minnich wrote:
> search for: keysight rp2350 hardware attacks
>
> (I'm done including links :-)
>
> Short form: it's getting easier by the day to put together glitching
> hardware, for under $1000, and uncover those keys!

[From the PR department]

This demonstrates once more:

- That security relies first on simplicity (despite the conclusion, there is a mention about software too, i.e. compilers: "Due to an unlucky arrangement of instructions emitted by the compiler, injecting a fault which skips one out of two very specific instructions confuses the chip into rebooting to the hazardous boot type".);

- That security has a cost and to maintain efficiency, strong security has to be done only once, and that it would be more secure for a task, verified, to execute once on a dedicated core than having to verify it at each running slot of time, having verified too that it had not been altered while sleeping and that the context on the core or the caches have not been "polluted" by a concurrent task.

On the obvious side---it will probably not be a scoop to a lot of people---, I discovered, while working on the driver for the RTL 8125 et al. NICs, that there are instructions that allow turning off the blinking LED showing that there are network exchanges...

All in all, trusting something that one doesn't build entirely (from hardware to software)---it may then exhibit errors, but from involuntary faults---is, at best, naivety.

-- 
Thierry Laronde <tlaronde +AT+ kergis +dot+ com>
http://www.kergis.com/
http://kertex.kergis.com/
Key fingerprint = 0FF7 E906 FBAF FE95 FD89 250D 52B1 AE95 6006 F40C

------------------------------------------
9fans: 9fans
Permalink: https://9fans.topicbox.com/groups/9fans/Tbd230a8f010208d8-M484bb3312349d42903435fed