Slashdot Mirror


Hardware TPM Hacked

BiggerIsBetter writes "Christopher Tarnovsky has pulled off the 'near impossible' TPM hardware hack. We all knew it was only a matter of time; this is why you shouldn't entrust your data to proprietary solutions. From the article: 'The technique can also be used to tap text messages and email belonging to the user of a lost or stolen phone. Tarnovsky said he can't be sure, however, whether his attack would work on TPM chips made by companies other than Infineon. Infineon said it knew this type of attack was possible when it was testing its chips. But the company said independent tests determined that the hack would require such a high skill level that there was a limited chance of it affecting many users. ... The Trusted Computing Group, which sets standards on TPM chips, called the attack "exceedingly difficult to replicate in a real-world environment."'"

1 of 327 comments

  1. Re:surprise surprise by Bacon+Bits · Score: 4, Interesting

    You didn't even read the article, did you? This was a hardhack.

    Tarnovsky needed six months to figure out his attack, which requires skill in modifying the tiny parts of the chip without destroying it.

    Using off-the-shelf chemicals, Tarnovsky soaked chips in acid to dissolve their hard outer shells. Then he applied rust remover to help take off layers of mesh wiring, to expose the chips' cores. From there, he had to find the right communication channels to tap into using a very small needle.

    The needle allowed him to set up a wiretap and eavesdrop on all the programming instructions as they are sent back and forth between the chip and the computer's memory.

    It also amuses me that TFS makes the point of blaming "proprietary" solutions. Exactly how would this attack have been prevented by using open source?

    --
    The road to tyranny has always been paved with claims of necessity.