
Viruses?


Posted Jan 20, 2012 0:46 UTC (Fri) by raven667 (subscriber, #5198)
In reply to: Viruses? by BenHutchings
Parent article: SFLC: Microsoft confirms UEFI fears, locks down ARM devices

I don't think you understand the security implications of how this verification works; it's not a cakewalk to get around. This has been proven in practice on game systems, for example; it took a looooong time to break and didn't stay broken for long. It's good enough for the intended purpose. You have to compromise the first step in the process or nothing else matters; you can't exploit a vulnerability until you can run code under your control. Things only get murky when the full OS loads and starts loading user-supplied code. The more that can run before user-supplied code is run, the less murky it gets.



Viruses?

Posted Jan 20, 2012 6:08 UTC (Fri) by BenHutchings (subscriber, #37955)

The code verification chains for the three popular consoles have been cracked repeatedly. The PS3 seems to have been left alone for a long time because OtherOS let people run their own software legitimately, but was cracked fairly quickly after Sony removed that feature in a firmware update.

One of the obstacles to disassembling and finding weaknesses in the code verification chain seems to have been that the relevant code has been embedded within ASICs and/or encrypted. But neither of those is being proposed or is likely to be practical in a general-purpose PC.

Sorry, but this is not true

Posted Jan 20, 2012 6:27 UTC (Fri) by khim (subscriber, #9252)

> The code verification chains for the three popular consoles have been cracked repeatedly.

Sorry, but no. Only the Wii (which apparently had security bolted on after the initial design) can be broken using only software without any specialized hardware.

The Xbox 360 does not have any software exploits: all the existing break-ins require hardware modifications.

The PS3 was only broken once; that happened half a year after the removal of OtherOS and was quickly and efficiently remotely patched: if you ever upgrade your PS3 to firmware version 3.56 you'll lose the ability to break the code verification chain. The time when you had the ability to use PSN on a cracked console was short indeed.

> One of the obstacles to disassembling and finding weaknesses in the code verification chain seems to have been that the relevant code has been embedded within ASICs and/or encrypted.

Right - this is the natural next step. This will happen eventually. Actually this is already true for ARM devices (they usually are built as a single SoC with many different chips tied together) - perhaps this is why Microsoft is more concerned about them? It knows x86 will be crackable for a few more years anyway...
