Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Unspoofable Device Identity Using Flash Memory

wiredmikey (1824622) writes | more than 3 years ago

Security 0

wiredmikey (1824622) writes "In 1998, Intel announced the introduction of processor identities. Privacy advocates were terrified and it never happened. But a researcher has a new way to identify devices via its flash memory...

Very interesting article on how we can use errors in NAND Flash memory to identify devices — "NAND flash can actually lose data integrity just by reading its contents, but such errors can be corrected using error-correcting codes. Using a small piece of software, we can recognize devices (or rather: their flash memory) by their defects. Very much like humans recognize faces: by their defects (or deviations from the “norm”) a bigger nose, a bit too bushy eyebrows, bigger cheeks."

The nice twist is that if an attacker manages to read your device identity, he cannot inscribe it into his own device. Yes, he can create errors – like we did. But he cannot control where in the block they occur as this relies solely on microscopic manufacturing defects in the silicon....(more)"

Link to Original Source

cancel ×

0 comments

Sorry! There are no comments related to the filter you selected.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>