Difference between revisions of "Hardware Protection"

From MgmtWiki
Jump to: navigation, search
(Context)
(Problems)
Line 5: Line 5:
 
* The TPM (Trusted Platform Module) version 1 was a purely hardware version of protection that was offered only as a stand alone chip. With version 2 defined as software, it can be (and is) included in any [[Trusted Execution Environment]].
 
* The TPM (Trusted Platform Module) version 1 was a purely hardware version of protection that was offered only as a stand alone chip. With version 2 defined as software, it can be (and is) included in any [[Trusted Execution Environment]].
 
==Problems==
 
==Problems==
When hardware contains software, and particularly when it contains firmware, it no longer has the same level of protection that a purely hardware solution offers. For example the Apple T2 chip has been hacked and cannot be fixed in the field.<rev>Lily Hey Newman, ''Apple's T2 Security Chip Has an Unfixable Flaw'' (2020-10-05)  https://www.wired.com/story/apple-t2-chip-unfixable-flaw-jailbreak-mac/?bxid=5c5b250d24c17c67f8640083&cndid=45183233&esrc=AUTO_PRINT&mbid=CRMWIR092120&source=EDT_WIR_NEWSLETTER_0_DAILY_ZZ&utm_brand=wired&utm_campaign=aud-dev&utm_content=A&utm_mailing=WIR_Daily_100720&utm_medium=email&utm_source=nl&utm_term=list1_p4</ref>
+
When hardware contains software, and particularly when it contains firmware, it no longer has the same level of protection that a purely hardware solution offers. For example the Apple T2 chip has been hacked and cannot be fixed in the field.<ref>Lily Hey Newman, ''Apple's T2 Security Chip Has an Unfixable Flaw'' (2020-10-05)  https://www.wired.com/story/apple-t2-chip-unfixable-flaw-jailbreak-mac/?bxid=5c5b250d24c17c67f8640083&cndid=45183233&esrc=AUTO_PRINT&mbid=CRMWIR092120&source=EDT_WIR_NEWSLETTER_0_DAILY_ZZ&utm_brand=wired&utm_campaign=aud-dev&utm_content=A&utm_mailing=WIR_Daily_100720&utm_medium=email&utm_source=nl&utm_term=list1_p4</ref>
  
 
==References==
 
==References==

Revision as of 09:54, 8 October 2020

Full Title

Hardware Protection offered by Hardware Security Modules (HSM see FIPS 140) or management chips.

Context

  • Latest version as of 2019-05-22 is FIPS 140-3, version 3.
  • The TPM (Trusted Platform Module) version 1 was a purely hardware version of protection that was offered only as a stand alone chip. With version 2 defined as software, it can be (and is) included in any Trusted Execution Environment.

Problems

When hardware contains software, and particularly when it contains firmware, it no longer has the same level of protection that a purely hardware solution offers. For example the Apple T2 chip has been hacked and cannot be fixed in the field.[1]

References

  • Lily Hey Newman, Apple's T2 Security Chip Has an Unfixable Flaw (2020-10-05) https://www.wired.com/story/apple-t2-chip-unfixable-flaw-jailbreak-mac/?bxid=5c5b250d24c17c67f8640083&cndid=45183233&esrc=AUTO_PRINT&mbid=CRMWIR092120&source=EDT_WIR_NEWSLETTER_0_DAILY_ZZ&utm_brand=wired&utm_campaign=aud-dev&utm_content=A&utm_mailing=WIR_Daily_100720&utm_medium=email&utm_source=nl&utm_term=list1_p4