Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Keys Leaking Through the Air At RSA

CmdrTaco posted more than 3 years ago | from the patch-it-up dept.

Security 85

NumberField writes "The RSA Conference is underway in San Francisco. A theme among the opening speakers is that the attackers are winning, and even well-funded organizations like NASDAQ can't secure their networks reliably. The show floor is lively, but dominated by the typical firewalls and 'compliance solutions.' One interesting exception is a scary side-channel analysis demo in the Cryptography Research booth using GNU Radio to capture secret keys from various smartphones from about 10 feet away. (The method is related to early computer music using AM radio interference.)"

cancel ×

85 comments

Sorry! There are no comments related to the filter you selected.

first posts (-1)

Anonymous Coward | more than 3 years ago | (#35215062)

leaking on slashdot

Where's TFA? (1)

Anonymous Coward | more than 3 years ago | (#35215166)

None of the links seem to be to anything very specific about the title issue ("keys leaking through the air")... was something mispasted in the submission?

Re:Where's TFA? (0)

Anonymous Coward | more than 3 years ago | (#35215216)

It's just a press release to drum up interest/buzz for RSA Conference.

Call out Windows. (1)

twitter (104583) | more than 3 years ago | (#35241158)

It's also an article that fails to call out Windows. Directors Desk is run on Windows [netcraft.com] , so the violation is not so much a case of NASDAQ not being able to "secure their network" as it is a case of no one being able to secure Windows. Most people know by now that sane stock exchanges use GNU/Linux, so they might think this was a GNU/Linux problem. NASDAQ, being very Microsoft/Madoff/crook friendly, did not mention the OS of the failed application either. Perhaps they were belatedly ashamed of being dumb enough to use IIS.

Re:Where's TFA? (0)

Anonymous Coward | more than 3 years ago | (#35215230)

Who cares? This is /. ...

I fucking hate summaries like this (5, Insightful)

topham (32406) | more than 3 years ago | (#35215204)

I fucking hate summaries with a half dozen links that don't seem to link to an article actually discussing the issue in the summary.

Why approved this shit?

Re:I fucking hate summaries like this (1)

Anonymous Coward | more than 3 years ago | (#35215300)

The summary is the article.

Re:I fucking hate summaries like this (3, Insightful)

Lord Ender (156273) | more than 3 years ago | (#35215304)

Sounds like the poster is using slashdot to blog about what he is seeing at the RSA conference. There aren't good links because the data was originally presented in meatspace.

Re:I fucking hate summaries like this (-1)

Anonymous Coward | more than 3 years ago | (#35215308)

Why approved this shit?

I think you mean whom

Re:I fucking hate summaries like this (-1, Troll)

rivetgeek (977479) | more than 3 years ago | (#35215354)

I think YOU mean "who".

Re:I fucking hate summaries like this (0)

Mikkeles (698461) | more than 3 years ago | (#35215456)

That's what Horton heard!

Re:I fucking hate summaries like this (-1)

Anonymous Coward | more than 3 years ago | (#35215526)

I think you mean "your mother". :P

Re:I fucking hate summaries like this (1)

savvysteve (1915898) | more than 3 years ago | (#35215528)

Or "Why approve this?"

Re:I fucking hate summaries like this (-1)

Anonymous Coward | more than 3 years ago | (#35215690)

Why approved this shit?

I think you mean whom

I think you mean who

Re:I fucking hate summaries like this (0)

Anonymous Coward | more than 3 years ago | (#35215368)

It's a paid for posting by RSA, obviosuly.

Re:I fucking hate summaries like this (0)

Anonymous Coward | more than 3 years ago | (#35215566)

It's a paid for posting by RSA, obviosully.

FTFY

Re:I fucking hate summaries like this (0)

Anonymous Coward | more than 3 years ago | (#35216634)

you obviously fixed that for yourself ;^)

Re:I fucking hate summaries like this (1)

lart2150 (724284) | more than 3 years ago | (#35215422)

I can't find anything about this on google so it must not be true.

Re:I fucking hate summaries like this (0)

Anonymous Coward | more than 3 years ago | (#35215442)

Cursing really only makes you look stupid.

Re:I fucking hate summaries like this (1)

somersault (912633) | more than 3 years ago | (#35216266)

Yeah. Really fucking stupid.

Re:I fucking hate summaries like this (1)

adamofgreyskull (640712) | more than 3 years ago | (#35218326)

Go back and hide behind your mommy's skirt, quiche-eater.
"Profanity is the crutch of the ignorant, but every once in a while you've got to talk to one of those ignorant motherfuckers..."

Re:I fucking hate summaries like this (1)

PolygamousRanchKid (1290638) | more than 3 years ago | (#35215520)

Why approved this shit?

With apologies to Abbott and Costello:

  • Who's on first.
  • What's on second.
  • Why? Third base.

http://en.wikipedia.org/wiki/Abbott_and_Costello#.22Who.27s_on_First.3F.22

Re:I fucking hate summaries like this (1)

sconeu (64226) | more than 3 years ago | (#35215906)

Why is the left fielder.
I Don't Know is on third base.
I Don't Give A Darn is the shortstop.

Re:I fucking hate summaries like this (0)

Anonymous Coward | more than 3 years ago | (#35221530)

I'll tell you tomorrow...

Re:I fucking hate summaries like this (1)

dakameleon (1126377) | more than 3 years ago | (#35215680)

Posted by CmdrTaco on Wednesday February 16, @08:41AM from the patch-it-up dept

Byline too small for you?

Re:I fucking hate summaries like this (0)

Anonymous Coward | more than 3 years ago | (#35216174)

Why not?

HBGary Presentation? (1)

Cherita Chen (936355) | more than 3 years ago | (#35215322)

Wondering how Arron Barr's presentation on Social Network went... Though I might post as "Anonymous Coward", but don't feel like having my door kicked in by the Fed's today.

Re:HBGary Presentation? (1)

c0lo (1497653) | more than 3 years ago | (#35215620)

Wondering how Arron Barr's presentation on Social Network went... Though I might post as "Anonymous Coward", but don't feel like having my door kicked in by the Fed's today.

Searched [rsaconference.com] the RSA11 sessions: his presentation is nowhere to be found.

Re:HBGary Presentation? (1)

Anonymous Coward | more than 3 years ago | (#35215634)

He cancelled his presentation of course, but they still have a booth at the RSA conference. Feel free to drop in and say 'hi'.

Re:HBGary Presentation? (1)

Anonymous Coward | more than 3 years ago | (#35215804)

http://www.hbgary.com/statement.htm [hbgary.com]

A group of aggressive hackers known as “Anonymous” illegally broke into computer systems and stole proprietary and confidential information from HBGary, Inc. This breach was in violation of federal and state laws, and stolen information was publicly released without our consent.

In addition to the data theft, HBGary individuals have received numerous threats of violence including threats at our tradeshow booth.

In an effort to protect our employees, customers and the RSA Conference community, HBGary has decided to remove our booth and cancel all talks.

HBGary is continuing to work intensely with law enforcement on this matter and hopes to bring those responsible to justice.

Thank you to all of our employees, our customers and the security community for your continued support.

HBGary, Inc.

Re:HBGary Presentation? (0)

Anonymous Coward | more than 3 years ago | (#35215896)

© 2011 HBGary. All rights reserved.

Re:HBGary Presentation? (1)

PitaBred (632671) | more than 3 years ago | (#35216134)

The first step when you find yourself in a hole? Stop digging.

NASDAQ uses Windows 2003 Server (0)

Anonymous Coward | more than 3 years ago | (#35215350)

"...organizations like NASDAQ can't secure their networks reliably " According to Netcraft, they use Windows server 2003 ( http://toolbar.netcraft.com/site_report?url=http://www.nasdaq.com )... Does this mean something? Just asking..

why on earth... (2)

joocemann (1273720) | more than 3 years ago | (#35215364)

. are sensitive networks like NASDAQ even connected to the internet? There is a common fix for this issue called an AIR GAP. You simply physically disconnect the nternet from the sensitive technology, and then you work forward from there while always regarding the fundamental necessity of the air gap. It is, reckless and foolish considering the reality of the internet, to think you can connect and protect.

Re:why on earth... (3, Informative)

jandrese (485) | more than 3 years ago | (#35215480)

Because eTrade would throw a hissyfit if the stock exchanges were completely disconnected from the net. Not to mention all of the traders that no longer work directly on the floor, but instead issue trades via the network, often times using bots.

Re:why on earth... (1)

Anonymous Coward | more than 3 years ago | (#35215802)

This requires a simple data transfer through a sterile line with extremely simple data types, not a full on connection to the network.

Re:why on earth... (1)

bWareiWare.co.uk (660144) | more than 3 years ago | (#35220704)

The issue for NASDAQ isn't the trivial task of securing their servers, it is establishing and maintaining a chain of trust to the remote clients wanting to authorize trades.

Re:why on earth... (0)

Anonymous Coward | more than 3 years ago | (#35239828)

Exchanges are not on the net! It's all private, dedicated networks.

Re:why on earth... (3, Interesting)

Mashiki (184564) | more than 3 years ago | (#35215570)

Because all trade networks connect to each other now, and the internet is the cheapest way than building dedicated hardlinks to innerconnect to all stock exchanges. I doubt that any exchange would be willing to drop billions to build trans-atlantic/pacific data exchanges, unless something catastrophic happened. Plus it creates central points of weakness.

The internet 'routes around damage'.

Re:why on earth... (2)

mlts (1038732) | more than 3 years ago | (#35215696)

Ideally, the networks should be on a backbone which can piggyback over Internet connections, but by using half-routers that already know each other and use preshared symmetric keys (so even if RSA is broken, the communication going across the pipe is still secure unless someone hacks the endpoint.)

The US government has learned this (NIPRNet and SIPRnet), maybe businesses need their own backbone that is separate from the Internet.

Re:why on earth... (0)

Anonymous Coward | more than 3 years ago | (#35217446)

half routers? you mean ... vpn?

Re:why on earth... (2)

Doug Neal (195160) | more than 3 years ago | (#35215784)

There is a middle ground between using the internet (where delivery is on a best effort basis and has no guarantees of anything) and laying your own submarine cables. Private international leased lines are readily available from a variety of vendors and are used extensively by financial institutions. They're available with various SLAs on contention, latency and uptime depending on how much you're willing to spend. Transatlantic routes are available surprisingly cheaply, as there is an abundance of bandwidth and a ton of carriers competing to sell it. It's usually provided over an MPLS core, which handles routing around damage, with a layer 2 (ethernet) or 3 (IP) handoff.

Re:why on earth... (1)

sexconker (1179573) | more than 3 years ago | (#35216466)

Because all trade networks connect to each other now, and the internet is the cheapest way than building dedicated hardlinks to innerconnect to all stock exchanges. I doubt that any exchange would be willing to drop billions to build trans-atlantic/pacific data exchanges, unless something catastrophic happened. Plus it creates central points of weakness.

The internet 'routes around damage'.

Dedicated links are the only links which can be secured.
It's worth it.

And no, it doesn't necessarily give you a single point of failure, or "central points of wekaness" any more than the internet does.

The worst case scenario for losing electronic trading is small delay in trades going through, thus killing off high frequency trading and forcing people to INVEST.
This would be a GOOD THING.

Re:why on earth... (1)

Mashiki (184564) | more than 3 years ago | (#35218878)

And no, it doesn't necessarily give you a single point of failure, or "central points of wekaness" any more than the internet does.

Oh I believe that dedicated links are worthwhile. The only question is what will happen, and how much money will be spent later. I'd call it human nature myself.

As for a central point of weakness? Sure. All you need to do is look at past incidents where some ship(whether cargo/fisherman/idiot) dredges along and kills net access to 1/3 of the worlds population, or limits it.

Re:why on earth... (1)

nuggz (69912) | more than 3 years ago | (#35219650)

What is the problem with high frequency trading?

I'm an investor, it provides more liquidity.
It doesn't change the value of the stock, it at most causes slight minor price swings, which, with the use of limit orders doesn't affect me.

Re:why on earth... (2)

vux984 (928602) | more than 3 years ago | (#35215590)

. are sensitive networks like NASDAQ even connected to the internet?

So you can get up to date stock quotes from yahoo, instead of waiting for them in the news paper?

So you can log into your bank or brokerage and buy and sell shares of something?

So brokers, fund managers, and so on can do the same, all in real-time from their offices around the world?

Air gapping the stock exchange would be pretty inconvenient for pretty much anyone who deals with it at all.

Re:why on earth... (0)

c0lo (1497653) | more than 3 years ago | (#35215782)

Air gapping the stock exchange would be pretty inconvenient for pretty much anyone who deals with it at all.

The use of Telepathy Control Protocol over Idiotic Precogs would solve this in a blink.
Too bad the BoA seems to hold some patents on it - they used it to register in advance some domain names, so the rumors have it.
(*duck*)

Re:why on earth... (1)

bhcompy (1877290) | more than 3 years ago | (#35215808)

Air gapping it might be inconvenient, but it will make the market a whole lot better for you and me

Re:why on earth... (1)

vux984 (928602) | more than 3 years ago | (#35216058)

Air gapping it might be inconvenient, but it will make the market a whole lot better for you and me

We can make the market a whole lot better for you and me without throwing the baby out with the bathwater.

Being connected to the internet isn't the problem. If they pulled the nasdaq of the net and institutional traders simply dialed into it on dedicated T1/fiber lines totally air-gapped from the Internet it would have all the problems it has now... and it would take a broker charging $100+ per trade to execute a transaction... like it used to.

Re:why on earth... (1)

bhcompy (1877290) | more than 3 years ago | (#35216560)

Meanwhile, volatility goes down and focus on longer term investments than milliseconds goes up. Both are good for the market considering what we've seen these past few years. The cutting edge of technology isn't always beneficial to people or even countries(as I'm sure Mubarak is saying right now).

Re:why on earth... (1)

nedlohs (1335013) | more than 3 years ago | (#35216966)

But you can do that without the disconnecting option, so you are throwing out the baby (low commission trading) with the bathwater (high frequency trading).

Re:why on earth... (2)

TheLink (130905) | more than 3 years ago | (#35219214)

I don't even mind high frequency trading. What I mind is them getting to see stuff before others and act on it.

http://www.nytimes.com/2009/07/24/business/24trading.html [nytimes.com]
http://www.nytimes.com/imagepages/2009/07/24/business/0724-webBIZ-trading.ready.html [nytimes.com]
http://www.nytimes.com/2009/08/05/business/05flash.html [nytimes.com]

Go ahead, send your orders as fast as you want. But being able to see other people's orders AND cancel your orders accordingly before the rest of the market gets them is cheating.

Re:why on earth... (1)

nedlohs (1335013) | more than 3 years ago | (#35228528)

Which can be removed without removing low commission changing.

Re:why on earth... (1)

nuggz (69912) | more than 3 years ago | (#35219498)

But liquidity goes down.
I'm a buy and hold invester, I don't really care about HFT. I still don't understand how HFT hurts me?
Doesn't it just increase volume thereby letting my trades complete more efficiently.

I still get the shares I want at the price I want.

Re:why on earth... (1)

Doug Neal (195160) | more than 3 years ago | (#35216838)

Actually it's not common for exchanges to offer connectivity in via the internet except perhaps for low-traffic connections for integration testing and suchlike. The unpredictability of the internet makes it impossible for them to guarantee the service levels that are demanded. The constant stream of pricing updates can run into the gigabits per second depending on what you're subscribed to. If you're big enough to be trading directly on the exchange, the cost of the leased lines and/or colocation next to the exchange (latency is everything) is easy to swallow. Extranets like Radianz are also a very popular option. Brokerage is still alive and well and institutions that aren't doing high-frequency trading will often deal with with brokers.

Re:why on earth... (1)

nedlohs (1335013) | more than 3 years ago | (#35216980)

But those with the connections aren't likely to air gap them from the rest of their network.

Re:why on earth... (1)

vux984 (928602) | more than 3 years ago | (#35217930)

If you're big enough to be trading directly on the exchange, the cost of the leased lines and/or colocation next to the exchange (latency is everything) is easy to swallow.

And as long as those leased lines and co-located servers are connected to the internet... ...Then the exchanges are connected to the internet.

Re:why on earth... (2)

Fnkmaster (89084) | more than 3 years ago | (#35215686)

Hmmm... Okay, but all the other servers that have to talk to it *are* connected to the internet. I know because I've set servers up before in their primary data center.

So even if you keep all the NASDAQ servers on a private network only, you still have all the entry points from the physical ethernet drops throughout the data center going into all the cages (several thousands of them) of people routing orders onto NASDAQ.

So when Joe Brokerage or John Trading Shop gets compromised, it's only a hop away to the NASDAQ servers anyway.

Also, any functions that NASDAQ runs that do need internet access now need to be run on servers that are segregated out from their private network servers... and again, surely those probably need to communicate with those private network servers at some point.

In fact, I'm guessing that's roughly how their stuff is set up from what I remember about interacting with it. But completely disconnecting everything from the internet makes it kind of hard to interact with all the stuff out there that is on the internet.

Re:why on earth... (1)

eyenot (102141) | more than 3 years ago | (#35216096)

didn 't you read the summary?

the "air gap" has been closed within 10 feet of a person even/especially on the busy, crowded, everybody's-holding-a-palmtop NASDAQ floor.

Re:why on earth... (0)

Anonymous Coward | more than 3 years ago | (#35216276)

. are sensitive networks like NASDAQ even connected to the internet?

Who says they're not?

But if this is a targeted attack, then the first step would be to look up the employees via LinkedIn or Monster. Most companies have algorithmic e-mail addresses (first.last@bigcorp.com), and now you can start going for internally connected individuals. Start off with secretaries and HR or Finance. They people are—generally speaking—not up to speed on the most recent advanced persistent threats (APTs).

Once you get one of those machines, your malware should start scanning the network for network-attached (multi-function) printers, which often aren't patched regularly, and also have confidential documents that are on their disks (even if the spool files are deleted, they're rarely wiped/over-written). Printers also often have LDAP connections to the corporate address book for scan-to-email functionality where you can look up people's names/addresses. You can know everyone who works at the company and how to contact them (and perhaps even titles, so you know who to go after next).

You now have a major beach head and can start your real attack.

This isn't rocket surgery.

Re:why on earth... (1)

HomelessInLaJolla (1026842) | more than 3 years ago | (#35216818)

Hooray! Someone else finally recognizes the printer attack as the ultimate way to pirate the entire network!

Any HTML exploit to a vulnerable browser attached to a network and it's game over for the world. Firewalls, IDS, LAN, VLAN, virtual machine, blah blah blah doesn't matter. If the system on which you use a web browser has access to a shared printer then you may as well operate under the assumption that some teen in Bangkok already has access to everybodies' ATM cards.

Re:why on earth... (1)

timeOday (582209) | more than 3 years ago | (#35218240)

And WalMart could eliminate shoplifting by building their stores without doors.

Re:why on earth... (0)

Anonymous Coward | more than 3 years ago | (#35218780)

because NASDAQ still run on SCO systems......

Re:why on earth... (0)

Anonymous Coward | more than 3 years ago | (#35219924)

You can protect, a virtual air gap would be a system connected to the internet, it can receive data from a deeper layer, but cannot transmit any back.

An ad for RSA? (1)

vvaduva (859950) | more than 3 years ago | (#35215656)

wtf is this article - is there actual content anywhere or is it an ad for the RSA conference?

Some background (5, Informative)

Dr. JJJ (325391) | more than 3 years ago | (#35215688)

I'm sorry that there's no direct article for this submission, and I'm not certain who submitted it, but as an employee of CRI and one of the designers of the demo, I'd like to give you some details about what's going on.

At CRI we have a lab full of what I consider to be cool equipment, and what's more, some spare time to look at things. We specialize in side-channel analysis and we asked ourselves: what sort of side-channel leaks might be present in consumer PDAs? We took a USRP(1) interface that we had lying around and started investigating the RF emanations of a few of the devices we had easily on hand. We coded some simple cryptographic applications and were surprised at how quickly we were able to find ways to demodulate the various signals in the device in a way that revealed the bits of the secret keys being used.

We are indeed using GNURadio for the demo. It's been very helpful because it makes rapid prototyping very easy. We use gnuradio-companion to set up the signal processing blocks (mostly AM demodulation) and to set up a simple UI that helps us tune into the right carrier frequencies in real-time during the demo. The rest of the demo involves using our own custom waveform viewer to look at the demodulated signal and show visitors how we can analyze the signal on the screen and extract the key bits that were used during the encryption/decryption process on the device.

Re:Some background (1)

TubeSteak (669689) | more than 3 years ago | (#35216030)

mostly AM demodulation

Amplitude Modulation demodulation?
The avg person won't think twice about it, but us pedants can't help it.

That aside, I'm not surprised that consumer software is blabbing its secrets all over the airwaves.
Even for companies who spend millions on security Q&A for their software, they still manage to find new and innovative ways to screw it up.

Re:Some background (3, Insightful)

Anonymous Coward | more than 3 years ago | (#35216136)

What's wrong with demodulating an amplitude modulated signal? How would you have phrased it differently without losing information?

Re:Some background (0)

Anonymous Coward | more than 3 years ago | (#35220048)

Amplitude Modulation detection, carrier signal envelope recovery, ...

Re:Some background (0)

Anonymous Coward | more than 3 years ago | (#35221238)

"Der, der, der, der, der. Imma massive douchebag! Look at my giant pedant-penis!"

Re:Some background (1)

Em Adespoton (792954) | more than 3 years ago | (#35222596)

Maybe he'd prefer the term Amplitude Modem?

Re:side-channel analysis (1)

DocSavage64109 (799754) | more than 3 years ago | (#35216262)

The side-channel analysis was the most fascinating blurb in this article. Thanks for sharing how this works. Are all PDAs so RF noisy in their processing? Have you considered using this technique on some modern smart phones?

Re:Some background (0)

Anonymous Coward | more than 3 years ago | (#35216572)

I'm not sure I buy it. Sure you could detect signals eminating from a smart phone, but decifering them into something coherent? Really? That's pretty awesome if it can be done, but where are the details about what devices you used and what exactly you did?

Pretty much any "bits" could be said to be part of a secret key. Did you get a few bytes of the secret key that are meaningful (statistically)? Or did you just get 0011 and say hey the secret key has a 3 in it so we deciphered part of it?

Re:Some background (1)

owlstead (636356) | more than 3 years ago | (#35220882)

"I'm not sure I buy it. Sure you could detect signals eminating from a smart phone, but decifering them into something coherent? Really? That's pretty awesome if it can be done, but where are the details about what devices you used and what exactly you did?"

That is completely in line what I've seen done during side channel attacks on various kind of devices - for me it is not hard to believe at all. Besides that, I used to listen to radio tuned to my MSX computer. It wasn't long until you could find out by listening to the audio signal what your computer doing. This is basically the same thing, except that the frequency is a bit higher, and more dense information is extracted.

Besides all that, there is no way that a company like this is *ever* going to fake this kind of demo. The security crowd isn't well known for its humor regarding rigged demos.

PS quoted manually since the reply function does not seem to space the reply very well

TACO iS TOO FAT AND TOO DRUNK!! YOU ARE RELIEVED!! (0)

Anonymous Coward | more than 3 years ago | (#35215746)

Get your fat ass to bed and then go talk to Marie O !!

Same story at RSA every year (0)

Anonymous Coward | more than 3 years ago | (#35215836)

Gee what a surprise, someone at RSA is demonstrating that RSA users' wireless is insecure. Next story please, this is done and tired.

Shielding (1)

unlocked (305145) | more than 3 years ago | (#35217062)

Couldn't you design the assemblies so the boards could be conformal coated with a dialectic layer and them potted with a RF absorbing layer and then a grounded layer as not be able to pick up the emissions in the first place.

Re:Shielding (1)

naturaverl (628952) | more than 3 years ago | (#35217404)

Couldn't you design the assemblies so the boards could be conformal coated with a dialectic layer and them potted with a RF absorbing layer and then a grounded layer as not be able to pick up the emissions in the first place.

I suppose you could, but it'd really ruin your reception. As long as you have the need for a functioning antenna connected to the device, stray signals will be received as well as transmitted. Not to mention that your idea would increase the build cost in a way that most manufacturers would deem "unnecessary".

TPM (1)

Lehk228 (705449) | more than 3 years ago | (#35217244)

years ago i predicted that such attacks could be utilized to crack TPM keys and such, looks like my prediction was tending towards correct.

Re:TPM (1)

russotto (537200) | more than 3 years ago | (#35217634)

years ago i predicted that such attacks could be utilized to crack TPM keys and such, looks like my prediction was tending towards correct.

These side-channel attacks have been known for years; the TPM guys know them too, and have likely at least made attempts to stymie them.

Re:TPM (1)

owlstead (636356) | more than 3 years ago | (#35220934)

You may leave that "likely" out. Most of these TPA modules are modified smart card chips, and they certainly provide security against DPA attacks. The problem is that most general purpose CPU's do not. This becomes more of a problem if this chip is a low frequency, highly mobile RISC chip, I suppose.

Re:TPM (1)

Em Adespoton (792954) | more than 3 years ago | (#35222760)

The interesting thing about this is that the security protections in SC chips would be triviial to port to a larger IC CPU; you're get a bit of performance loss, but randomizing the pipelining would probably be enough for simple protection.

So what you'd see is not too much cost involved in adding the protection, but a minor performance hit. Seems to me the Mobile market (where chips are usually underclocked anyway) would be the perfect market to start implementing this in. Gaming PCs probably don't need this feature anyway, so if it could be installed but disabled (with a Turbo/Insecure button?) everyone could have what they want.

We used to play the disk channel on an IBM 1130 (1)

garyebickford (222422) | more than 3 years ago | (#35217580)

Gee, this takes me back. The IBM 1130 (actually IIRC a later clone) had a 'Winchester' (IBM model 3030) washingmachine-sized drive with a 5 HP stepping motor to drive the arm, and removable 5 MB disk packs. Somebody back in the mists of history figured out that if you put a transistor radio on top of the console in the right place, the disk controller signals that drove the stepping motor made enough EMI to generate an AM radio signal. So they wrote an assembler program that could play different songs according to data stored on a data cards that followed the program cards in the deck. So we could play "Jingle Bells" while thrashing the disk seek mechanism. Big Fun!!

Those Winchester drives would actually walk across the floor if the seek cycles got in sync with the natural resonant frequency of the box itself. Five horsepower (about 4 KW) has to go somewhere.

Re:We used to play the disk channel on an IBM 1130 (1)

garyebickford (222422) | more than 3 years ago | (#35217614)

Correcting myself - The disk drive was not model 30-30. It was probably the IBM 1311 [wikipedia.org] . You can read the history [wikipedia.org] of how these got called "Winchesters".

Re:We used to play the disk channel on an IBM 1130 (1)

garyebickford (222422) | more than 3 years ago | (#35217620)

... or the IBM 2311 [wikipedia.org] . Sigh... Note to self: do the research before you hit 'Submit'. :P

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>