Blackhat TPM Talk Follow-up
Since speaking at BlackHat DC 2009, there have been several inquiries in regards to the security of the SLE66PE series smartcard family. Here are some issues that should be pointed out: We have heard, “..it took 6 months to succeed..” The reality is it took 4 months to tackle obsticles found in any <200nm device such as: Capitance/load of probe needles when chip is running. Powering the device inside the chamber of a FIB workstation. Level-shifting a 1.8v core voltage following what we learned in #1 above. Cutting out metal…
Atmel ATMEGA2560 Analysis (Blackhat follow-up)
At this years Blackhat USA briefings, the ATMEGA2560 was shown as an example of an unsecure vs. secure device. We have received a few requests for more information on this research so here it goes… The device did not even need to be stripped down because of designer lazyness back at Atmel HQ. All we did was look for the metal plates we detailed back in our ATMEGA88 teardown last year and quickly deduced which outputs were the proper outputs in under 20 minutes. Atmel likes to…
Parallax Propeller P8X32A Quick Teardown
Parallax has a really neat 8 core 32 bit CPU called the ‘Propeller’. It’s been out for a few years but it is gaining popularity. There is no security with the device as it boots insecurely via a UART or I2C EEPROM. None the less, we thought it was interesting to see an 8 core CPU decapsulated! One can clearly see 8 columns that appear almost symmetric (except in the middle region). The upper 8 squares are each ‘cogs’ 512 * 32 SRAMs as described in the…