Hardware TPM Hacked - Slashdot

Slashdot

Hardware TPM Hacked 327

Posted by Soulskill on Tuesday February 09 2010, @12:45PM
from the matter-of-time dept.

BiggerIsBetter writes "Christopher Tarnovsky has pulled off the 'near impossible' TPM hardware hack. We all knew it was only a matter of time; this is why you shouldn't entrust your data to proprietary solutions. From the article: 'The technique can also be used to tap text messages and email belonging to the user of a lost or stolen phone. Tarnovsky said he can't be sure, however, whether his attack would work on TPM chips made by companies other than Infineon. Infineon said it knew this type of attack was possible when it was testing its chips. But the company said independent tests determined that the hack would require such a high skill level that there was a limited chance of it affecting many users. ... The Trusted Computing Group, which sets standards on TPM chips, called the attack "exceedingly difficult to replicate in a real-world environment."'"

This discussion has been archived. No new comments can be posted.

Hardware TPM Hacked

Search 327 Comments Log In/Create an Account

Comments Filter:

Re:Am I getting old? (Score:3, Funny)

by jfengel (409917) writes: on Tuesday February 09 2010, @01:04PM (#31073990) Homepage Journal

Yes, it means you're getting old. On the plus side, your memory appears to be in great shape.

Parent Share
twitter facebook
Re:surprise surprise (Score:5, Funny)

by crossmr (957846) writes: on Tuesday February 09 2010, @01:07PM (#31074048) Journal

I had a similar thought when I read that part of the summary:
How about you do something crazy and carry on to the actual article (I know.. I forgot where I was)
The new attack discovered by Christopher Tarnovsky is difficult to pull off, partly because it requires physical access to a computer.....Using off-the-shelf chemicals, Tarnovsky soaked chips in acid to dissolve their hard outer shells. Then he applied rust remover to help take off layers of mesh wiring, to expose the chips' cores. From there, he had to find the right communication channels to tap into using a very small needle.
Two words: script kiddies.
You tell me how you're going to pack acid and rust remover into a downloadable tool and I'll worry.

Parent Share
twitter facebook
Solution is quite obvious (Score:4, Funny)

by funkman (13736) writes: on Tuesday February 09 2010, @01:15PM (#31074186)

Since using technique involves reverse engineering the chip, this is a clear violation of the DMCA. So just find your local attorney and prosecute.
Problem solved. Nothing to see here move along. Thanks for playing. :)

Share
twitter facebook
When I see "TPM hacked" only one thing comes to me (Score:3, Funny)

by JudgeFurious (455868) writes: on Tuesday February 09 2010, @02:34PM (#31075480)

Somebody fixed The Phantom Menace? I'd like to see that.

Share
twitter facebook
Re:Yeah, this is going to be a major problem... (Score:2, Funny)

by Jeng (926980) writes: on Tuesday February 09 2010, @03:09PM (#31076130)

LSD doesn't work that way, otherwise the CIA would still be using it.
Knowing that the password tastes like fuchsia does not help.

Parent Share
twitter facebook
Re:Step 1 - decap the chip without killing it (Score:3, Funny)

by Physics Dude (549061) writes: on Tuesday February 09 2010, @06:04PM (#31078794) Homepage

Not the kind of thing you're going to do in your kitchen!
What!? You obviously have never seen my kitchen. ;)

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

582 commentsIBM Creates 'Breathing' High-Density Lithium-Air Battery
394 comments1366x768 Monitors Top 1024x768 For the First Time
385 commentsLiving Fossils: Old Tech That Just Won't Die
373 commentsAuto Makers Announce Electric Car Charging Standard
368 commentsThe Dutch Repair Cafe Versus the Throwaway Society

Why not go out on a limb? Isn't that where the fruit is?