[Arm-netbook] Microsoft confirms UEFI fears, locks down ARM devices

Henrik Nordström henrik at henriknordstrom.net
Sun Jan 15 19:42:47 GMT 2012


On Sun, 2012-01-15 at 16:06 +0000, Gordan Bobic wrote:

> I rather expect that all it'll take to disable all that is a working JTAG.

Sorry, but not if the manufacturer does its homework.

Part of ARM TrustZone is also securing JTAG, blocking JTAG access to the
secured parts of the system, or even entirely if they like. This means
that even if you solder on the JTAG port you won't really get anywhere.
In best case you can take control over the unsecured part of the device
(which often is good enough) but the secured part will still run (on the
same CPU btw) and may kick you out at any time should it notice that
something is not right with the untrusted code it supervises.

TrustZone documentation very carefully points out that JTAG needs to be
disabled for the secure parts in production devices and only development
devices should allow JTAG access to the secure parts and then with a key
that is invalid for production use.

The bottom line is that if manufacturers want to securely block booting
other OSes on their devices, then all the power they need to do so
is already there in nearly all modern ARM devices available today.
Using it properly is another matter. Secure cryptography is inherently
complex to manage properly.

Regards
Henrik
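As an added illustration, not code from Henrik's message or from any ARM or TrustZone implementation, here is a hypothetical C model of the two mechanisms the message leans on: a boot chain anchored in one-time-programmable fuses that refuses to hand control to a tampered stage, and a debug gate that keeps secure-world JTAG closed on production parts whatever key the probe presents, while a development part opens it only to the fused development key. The fuse layout, the stage names, and the use of FNV-1a in place of a real SHA-256 digest and signature check are all assumptions made to keep the model short.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical model of a fused root of trust, a measured boot chain and a
 * TrustZone-style debug gate; not any vendor's ROM. FNV-1a stands in for the
 * SHA-256 digest and signature check a real boot ROM would perform. */
typedef uint64_t digest_t;
#define FNV_INIT 0xcbf29ce484222325ULL
#define CODE_LEN 16
#define NSTAGES 3

static digest_t fnv1a(digest_t h, const uint8_t *p, size_t n)
{
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 0x100000001b3ULL; }
    return h;
}

/* One boot stage. next_expected (digest of the stage this one loads) is
 * covered by this stage's own digest, so the fuses protect the whole chain. */
struct stage {
    uint8_t code[CODE_LEN];  /* constructed stand-in for firmware bytes */
    digest_t next_expected;  /* 0 for the last stage */
};

static digest_t stage_digest(const struct stage *s)
{
    uint8_t tail[8];
    for (int i = 0; i < 8; i++)
        tail[i] = (uint8_t)(s->next_expected >> (8 * i));
    return fnv1a(fnv1a(FNV_INIT, s->code, CODE_LEN), tail, sizeof tail);
}

/* One-time-programmable state the ROM consults (layout is assumed). */
struct fuses {
    digest_t root_digest;    /* digest of stage 0, burned at manufacture */
    int production;          /* 1: secure-world debug permanently off */
    digest_t dev_key_digest; /* unlocks secure debug on development parts */
};

/* Measure each stage before control would pass to it. Returns the number of
 * stages verified, or -(i+1) for the first failing stage i. */
static int verify_chain(const struct fuses *f, const struct stage *st, int n)
{
    digest_t expected = f->root_digest;
    for (int i = 0; i < n; i++) {
        if (stage_digest(&st[i]) != expected)
            return -(i + 1);
        expected = st[i].next_expected;
    }
    return n;
}

/* Debug gate: a production part never exposes the secure world, whatever key
 * the probe presents; a development part opens it only to the fused key. */
enum debug_level { DEBUG_NONSECURE_ONLY = 1, DEBUG_FULL = 2 };

static enum debug_level debug_auth(const struct fuses *f,
                                   const uint8_t *key, size_t keylen)
{
    if (f->production)
        return DEBUG_NONSECURE_ONLY;
    if (key && fnv1a(FNV_INIT, key, keylen) == f->dev_key_digest)
        return DEBUG_FULL;
    return DEBUG_NONSECURE_ONLY;
}

static const uint8_t DEV_KEY[] = "dev-only-key";  /* constructed */

/* Constructed chain loader -> monitor -> kernel, linked from the last stage
 * upwards, with the loader's digest burned into the fuses of a production part. */
static void build_chain(struct stage *st, struct fuses *f)
{
    for (int i = 0; i < NSTAGES; i++) {
        memset(st[i].code, 0x10 * (i + 1), CODE_LEN);
        st[i].next_expected = 0;
    }
    for (int i = NSTAGES - 2; i >= 0; i--)
        st[i].next_expected = stage_digest(&st[i + 1]);
    f->root_digest = stage_digest(&st[0]);
    f->production = 1;
    f->dev_key_digest = fnv1a(FNV_INIT, DEV_KEY, sizeof DEV_KEY - 1);
}

/* Boot outcome with one byte of stage `tampered_stage` patched after the
 * digests were burned; pass -1 for a pristine chain. */
int boot_result(int tampered_stage)
{
    struct stage st[NSTAGES];
    struct fuses f;
    build_chain(st, &f);
    if (tampered_stage >= 0 && tampered_stage < NSTAGES)
        st[tampered_stage].code[3] ^= 0x01;
    return verify_chain(&f, st, NSTAGES);
}

/* Debug access a probe gets on a production (1) or development (0) part. */
int debug_result(int production, const uint8_t *key, size_t keylen)
{
    struct fuses f = { 0, production, fnv1a(FNV_INIT, DEV_KEY, sizeof DEV_KEY - 1) };
    return debug_auth(&f, key, keylen);
}
```

With the constructed three-stage chain, boot_result(-1) verifies all three stages and returns 3; patching one byte of the kernel image makes the monitor's check fail (returns -3), and patching the loader fails against the fuses themselves (returns -1). debug_result on a production part returns DEBUG_NONSECURE_ONLY even when the correct development key is presented, which is exactly the production/development split the TrustZone guidance quoted above asks for. Real boot ROMs normally fuse the digest of a vendor public key rather than of the image, and each stage carries a signature over the next, so images can be updated without re-fusing; the chain-of-trust logic is the same.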



