Slashdot Mirror

← Back to Stories (view on slashdot.org)

PS3 Cell Processor Security Architecture

Posted by ryuzaki0 on from the what's-this-little-shiny-thing-do dept.

hoyhoy writes "IBM Developerworks is discussing the PS3 Cell Processor Security Architecture today on Developerworks. It details the hardware level security for isolating processes that exists in the Cell processor's architecture." From the article: "The architecture's main strength is its ability to allow an application to protect itself using the hardware security features instead of the conventional method of solely relying on the operating system or other supervisory software for protection. Therefore, if the operating system is compromised by an attack, the hardware security features can still protect the application and its valuable data. As an analogy, consider the protection the supervisory software provides as the castle's moat and the Cell BE security hardware features as the locked safe inside the castle."

4 of 54 comments (clear)

  1. Intel equivalent by IamTheRealMike · · Score: 4, Interesting
    For comparison, the Intel equivalent to this technique (allowing processes to shield themselves even from the kernel) is called LaGrande Technology.

    I'm not really a fan of this sort of design - it seems to duplicate the purpose of the existing kernel/userspace security architecture, but I can appreciate the pickle we're in with de-facto standard kernels that allow anything to be loaded into them. Windows Vista 64 bit requires all kernel drivers to be signed: correctly so, in my opinion, but this doesn't help the huge 32 bit userbase today.

  2. Then... by frosty_tsm · · Score: 4, Funny

    Imagine the Princess inside that Castle.

    ... or another castle.

  3. Re:DRM by IamTheRealMike · · Score: 4, Interesting
    Yes, it can make slightly more effective DRM because an application no longer needs to trust the operating system. But this isn't a black and white issue (realistically, outside of Slashdot groupthink, DRM is never black and white).

    For instance, consider this:

    • It can make more effective DRM, but it can also make more effective encryption. How do you know your operating system is secure, really? Root kits are not at all uncommon even on desktop machines these days. Have you seen how easy it is to dump form data from Safari before it's encrypted? It's not quite as easy for IE or Firefox because they're written in C++ rather than Objective-C, but it's still possible.

      Personally I wouldn't trust my CC number to an unknown Windows machine these days. SSL/TLS wire security just isn't secure anymore when it's so easy to intercept the data before it's ever encrypted.

    • Afraid the government is spying on you? What was that NSAKEY symbol in the Windows crypto libraries anyway? It'd be a LOT harder to put Big Brother style tech into a CPU than an operating system simply because the CPU has much less information to work with. So crypto programs can shield themselves from possibly malicious software in another way.

    • DRM exists, a lot of digital media is protected using it, and unless piracy suddenly becomes as unacceptable as murder or somebody invents a new kind of economic system to replace copyright it'll probably be around for a long time to come. Simply saying "we won't accept that" won't cut it with a lot of people, some geeks included (who do you think designs all this DRM anyway? magic programming pixies?).

      Consider - hardware process protection would theoretically allow for Linux-compatible DRM. Right now Windows Media DRM uses the "secure audio path" to try and prevent people using malicious audio drivers to trivially dump the decrypted audio out of the player. Linux has no equivalent, fundamentally cannot, however these kind of hardware features could allow it to get such a thing without breaking the GPL (because the operating system can be GPLd and therefore "untrusted" but the player would not have to trust it to work...)

    • Anyway, like most technologies, it cuts both ways. It has uses you'll disagree with and others you will want. Just deal with it.

  4. Re:Uhh....whaaat? by IamTheRealMike · · Score: 4, Insightful
    If you had RTFA you'd know this isn't about mod chips - the article explicitly states that this kind of protection is not about resisting hardware attacks and only concerns software.

    WHY are you implementing it on a GAME CONSOLE?

    Maybe because the Cell is designed to be used for more things than just the PlayStation?