[Arm-netbook] extraordinary claims ...

freebirds at fastmail.fm
Sat Jul 7 19:07:07 BST 2012


Thank you Luke Leighton for your open mindedness, support and interest
in ARM security. I thank the other members for withholding judgment. Of
the few members who expressed criticism, try to make it constructive
criticism like Gordon Bobic's advice on hardening which I will follow.

Since Luke Leighton expressed an interest in security, I will inform you
that TrustZone, which has morphed into Trusted Execution Environment (TEE),
will be morphing into Mobicore. The description of Mobicore is REMOTELY
manageable TEE. ARM is taking after Intel who morphed TPM into TXT
(Trusted Execution Technology).

"ARM is pairing with Giesecke & Devrient, makers of a custom heavily
sandboxed, remotely manageable TEE operating system dubbed "Mobicore". 
As an alternative to iOS or Android, companies could flash employee
handsets with Mobicore, which is now being accelerated and enabled
directly by hardware, thanks to the new partnership."
http://www.dailytech.com/ARM+to+Bake+OnDie+Security+Into+Next+Gen+Smartphone+Tablet+PC+Cores/article24372.htm

Mobicore can be installed into older devices by companies flashing
TrustZone. Can companies, abusers, government remotely flash any
TrustZone they want? Or will ARM perform automatic updates? Similar to
automatic BIOS updating that Dell and Lenovo perform which installed
Computrace on laptops that previously didn't have it?  

"The MobiCore platform will provide a secure execution environment for
mobile payments authentication, emails or corporate VPN access . . . In
addition, G&D's Trusted Service Management (TSM) solution will enable
organizations such as network operators and banks to install and
customize additional security-critical apps in the protected area . . ."
http://www.bobsguide.com/guide/news/2012/May/4/gd-announces-mobicore-integrated-security-platform-to-support-samsung-galaxy-s-iii-in-europe.html

MobiCore would potentially allow crackers, investigators and government
"corporate VPN access" to install (infect) apps (malware) in TrustZone.

I have not seen Mobicore discussed in the ARM forum. When I asked about
TrustZone and out of band monitoring on FreedomBox Foundation's mailing
list and on ARM's forum, TrustZone was assumed benign. In its infancy,
yes. But like Intel developed TPM to include TXT, ARM is developing
TrustZone to become more powerful than TPM. Perhaps this is why AMD
partnered with ARM to include TrustZone in AMD's processors. We must
now consider what TrustZone will become. It will become Mobicore. I
will ask the above questions on the ARM forum. 

Open hardware advocates and freedom advocates need to examine the safety
of their hardware, identify the hype (spinning) of the advertised
benefits of TrustZone and to recognize that present safety does not mean
future safety if the hardware can be subsequently flashed by a third
party. At the bare minimum, disclose in the specifications of the
EOMA-68 CPU Card, BeagleBoard xM and other ARM Cortex A boards, the
present and future full capacity of TrustZone. We need to customize
hardware to be truly open hardware. Truly open hardware would not have
TEE and Mobicore's remote monitoring.

I will research whether flashing with Mobicore can be performed
remotely. Even if flashing requires physical access, the cracker needs
to be lucky just once to break into an office, room, car, storage unit,
etc. to gain physical access. There is probably no easy way to detect if
Mobicore was installed or exactly what TrustZone is actively performing.
Like AMD's and Intel's virtualization, secure erasing the hard drive and
reinstalling the OS (and reflashing BIOS) will not deactivate
virtualized monitoring. What will? Note the article stated "enabled
directly by hardware." How will users know it exists and how to disable
it? Would they be brave enough to ask on forums risking that they may be
rejected as paranoid? Disabling TrustZone is not in user guides. I
would not be surprised if disabled TrustZone can be flashed anyway.

My purchasing a Sunlike netbook from Tom Cubie is taking a large risk.
Yet, the only alternatives are a Lemote Yeeloong A2 netbook that was
introduced in 2008 (wifi removable and no bluetooth or TrustZone) or an
older-technology SheevaPlug, because it has neither wifi, bluetooth nor
TrustZone.


On Sat, Jul 7, 2012, at 01:30 PM, lkcl luke wrote:
> On Sat, Jul 7, 2012 at 1:55 AM,  <freebirds at fastmail.fm> wrote:
> 
> > I will continue to research ARM TrustZone and ARM TEE on my own and
> > refrain from posting on these topics.
> 
>  so.   michael zucchi: congratulations.  you've just deprived me and
> everyone else on this list of access to an area of research into
> security, thanks to your inflexible belief system and your lack of
> tolerance for others.
> 
>  don't *ever* do that again.  don't you DARE judge people.
> 

-- 
http://www.fastmail.fm - Access your email from home and the web