It Only Takes One Person to Break Things Today

A recent article points out that a single person has cracked a whole slew of devices based on a "Trusted Platform Module" or TPM (not to be confused with "Technical Protection Measure", which it also is). This is a chip that holds a secret key on which the rest of a computer's secure software depends, and breaking it means that all manner of otherwise secure facilities can no longer be considered secure.
These include things like the Xbox and the way Microsoft limits additional hardware and software to only its own "signed" selections. They also include the security of most cell phone texts and email.
The chips' manufacturer, Infineon (their chips are the ones most likely to be used in this case, although there are other manufacturers), is right in claiming that, while this shows the possibility is there, it is only useful if one has the actual device in hand and a great deal of very technical skill, which must be applied to each and every system that is to be cracked. That includes the use of various acids and some extremely fine needles to tap the very fine contacts inside the chip.
All in all, this particular hack is unlikely to be of concern to many people or companies. Other hacks that involve less sophisticated but nevertheless complex tactics, such as "jailbreaking" the iPhone or other locked-down hardware, are much less dependent upon skill the second time around.
You see, the skill is in finding the initial attack method; replicating it for the second, third and millionth use of the technique is trivial. The "security by obscurity" technique employed (hiding the key in something that takes some getting to, but once the key is found, having the lock in plain sight) is not very useful in today's communicating world.
News of a new exploit of a flaw in Microsoft Windows is passed around in seconds, and in fact there is a market in which such information can be purchased.
Hiding the key inside hardware that has active components watching for tampering is far better, and I expect more products will employ this kind of technology in the future. If the reason for using such keys is to help me protect my own security, then that's a good thing; if it is to help protect a manufacturer's business model, then it is not.
I refuse to purchase anything that has strings attached to it by the manufacturer such that I do not truly control it for my benefit alone. How about you?