There's a lot of money in this kind of exploit, and that, coupled with the frequent use of reused keys, makes efforts to discover those keys productive. I've been given some idea of just how much money goes into this kind of work, and it's staggering.
And there's stuff like this: “We noticed that the key from an old Zen 1 CPU was the example key of the NIST SP 800-38B publication (Appendix D.1 2b7e1516 28aed2a6 abf71588 09cf4f3c) and was reused until at least Zen 4 CPUs.” -- used on a successful microcode attack; now people are working to make AMD CPUs be RISC-V CPUs by changing their microcode. Same key across millions of CPUs, wow.

And there is the AST2500, which, if you type a certain string into it, gives you full access. That string is baked into the chip mask. That string was protected by an NDA, nothing more. A student found it out as part of a project. The only fix is to not connect the serial pins ...

Anyway, I mainly wanted to mention the kind of problems there are, and how much effort gets put into attacks, in case somebody wants to look again at what to replace NVRAM with. It is good to skip over all the failed stuff -- although the chip vendors just keep doing the same thing over and over :-)

I like the TPM idea, if done the way Chromebooks do it. It's worked well. The only guarantee Chromebooks ever offered was that they could withstand 5m of physical access, no more, but that's more than most systems can promise.

Thanks

On Sat, Mar 29, 2025 at 11:46 AM Skip Tavakkolian <skip.tavakkol...@gmail.com> wrote:

> Reductio ad absurdum: it all hinges on the rule of law or the whim of a
> potentate.
>
> On Sat, Mar 29, 2025, 8:49 AM Wes Kussmaul <w...@reliableid.com> wrote:
>
>> On 3/28/25 18:04, Lyndon Nerenberg (VE7TFX/VE6BBM) wrote:
>> > Aleksandar Kuktin writes:
>> >
>> >> ...the "trust"
>> >> chain originates with the manufacturer, or more accurately with
>> >> whomever controls the manufacturer, you'll never be in complete control
>> >> of the device.
>> --
>>
>> This is such an important and overlooked point.
>>
>> We partnered with, and invested in, StartCom, a certification authority
>> that helped us build our Osmio CA. We chose them because of their
>> reputation for integrity: they actually checked out the claims of domain
>> owners before signing an x.509 SSL certificate (unlike many others.)
>>
>> We were minority shareholders, so when the CEO decided to put the
>> company up for sale we had no choice but to consent to selling this
>> business with a noteworthy integrity asset.
>>
>> So when a company with a noteworthy asset puts itself up for sale, of
>> course it attracts buyers who lack that asset - right? So a Chinese
>> company bought StartCom in order to issue fraudulent x.509 certificates.
>>
>> Fortunately they were quickly caught by members of the CA Forum. All the
>> browser makers quickly deleted the StartCom root from their browsers,
>> and all of a sudden the users of sites backed by StartCom SSL
>> certificates got the ugly go-away-do-not-trust-this-site message.
>>
>> Certification authorities should be like the vital records departments
>> of city hall. You may be able to buy the mayor, but everyone in the
>> vital records department knows that their only asset is their integrity.
>> You can't buy the vital records department.
>>
>> The notion of a commercial certification "authority" is pure folly.
>>
>> And attributing enduring significance to a company's privacy practices
>> (hello Apple) is also folly. A big hedge fund or PE might decide there's
>> money to be made by buying a controlling interest in Apple and getting
>> it to act like the rest of Silibandia, stealing and selling personal
>> information for a big boost in earnings and share value.
>>
>> A company is not a person. Unlike a person's character, which is usually
>> enduring, a company's character is created at the whim of its
>> controlling shareholder.
>>
>> *Wes Kussmaul*
>>
>> *Reliable Identities, Inc.*
>> an Authenticity Enterprise

------------------------------------------
9fans: 9fans
Permalink: https://9fans.topicbox.com/groups/9fans/T4aedea377a3d63c1-Mba9c4f64e4edf2ca9e619983