Researcher Cracks Trusted Platform Module Security Chip


At the Black Hat DC Conference 2010 security researcher Christopher Tarnovsky of FlyLogic Engineering has demonstrated a way to defeat the Trusted Platform Module chips widely used to secure data in computers, identity cards, gaming systems like the Xbox 360, cable set-top boxes, and other electronics. TPM modules are widely used in enterprise, health care, government, and military applications to protect data through encryption, particularly on portable devices that might be easily lost or stolen. Although Tarnovsky’s process is labor intensive and requires both specialized equipment and a significant period of physic access to the device to be cracked, his step-by-step instructions do outline how to get data out of a TPM-protected system, including encryption keys and manufacturing information that could be used to create pre-cracked counterfeit chips.

Tarnovsky used a highly detailed (and time consuming) process of analyzing the Infineon SLE 66 CL PE chip using an electron microscope to identity the core of the chip and create a “bridge map” that enabled him to bypass the chip’s integrated tamper-prevention measures using tiny needles to tap the system’s data bus. This was after soaking the chips in acids and rust removers to remove the chip’s shells and delicate mesh wiring. The process took Tarnovsky about nine months, but once it was done he had access to not only any data on the computer, but to critical information that could be used to create counterfeit chips.

Tarnovsky has said he believes similar exploits are possible with chips other than the Infineon units he attacked, but has not tried them yet. He went through a large number of Infineon TPM chips and needles—and a lot of electron microscope time—but believes subsequent cracks would be faster now that a process has been established. Tarnovsky said he reported his results to both Infineon and the Trusted Platform Module standards organization, but hasn’t heard back from anyone.

TPM advocates have never claimed the chips are magically immune to a sophisticated, long-term hardware based attack, and Tarnovsky repeatedly admitted the Infineon chip he attacked was very difficult to crack thanks to all the traps engineers had set to prevent just that sort of tampering. Although Tarnovsky’s process isn’t widely practical in the real world, it does crack open the lid on data that was widely believed to be well-protected. And in an age where industrial espionage and cyberattacks are becoming commonplace, we’re sure someone somewhere is looking very carefully at TPM modules.


Keep your laptop battery in tip-top condition with these handy tips

Learn how to care for your laptop's battery, how it works, and what you can do to make sure yours last for years and retains its charge. Check out our handy guide for valuable tips, no matter what type of laptop you have.

Now’s your chance to get the latest iPad Pro for $100 less on Amazon

The latest iPad Pro has always been our favorite since its release last year, and we even tagged it as the best tablet ever. Don’t miss out on Amazon’s discount on the 12-inch 256GB Wi-Fi model and get yours today for $1,049.

From Chromebooks to MacBooks, here are the best laptop deals for August 2019

Whether you need a new laptop for school or work, we have you covered. We've put together a list of the best laptop deals going right now, from discounted MacBooks to on-the-go gaming PCs.

Amazon cuts $52 off this Samsung Galaxy 10.1-inch tablet for the whole family

Normally priced at $330, you can grab the Samsung Galaxy Tab A 10.1-inch 128GB Wi-Fi tablet now for only $278 and enjoy $52 savings. On top of that, Amazon is offering an extra $28 discount when you apply for a coupon during checkout.

Tired of choosing between Windows and Mac? Check out these Chromebooks instead

We've compiled a list of the best Chromebooks -- laptops that combine great battery life, comfortable keyboards, and the performance it takes to run Google's lightweight Chrome OS. From Samsung to Acer, these are the Chromebooks that really…

Tired of your Mac freezing? Try these tips to fix your Mac

A Mac that keeps freezing can be an incredibly annoying thing to deal with, but fixing it doesn’t have to be a pain. There are six main things you should try, which we got through in this guide to help you fix the issue once and for all.

1.5% of Chrome users’ passwords are known to be compromised, according to Google

In February, a new feature was introduced to the Google Chrome browser which checks whether users' passwords are secure. Now, Google has released eye-opening stats gathered from Password Checkup.

Here's our guide to how to charge your laptop using a USB-C cable

Charging via USB-C is a great way to power up your laptop. It only takes one cable and you can use the same one for data as well as power -- perfect for new devices with limited port options.

Latest Windows 10 update is causing random reboots and can break Visual Basic

The latest update for Windows 10, made available on Tuesday this week, includes patches against two critical vulnerabilities. But it is causing a string of issues including random reboots and failure to install.

Delete tracking cookies from your system by following these quick steps

Cookies are useful when it comes to saving your login credentials, but they can also be used by advertisers to track your browsing habits across multiple sites. Here's how to clear cookies in the major browsers.

Enjoy your music on more devices: Here's how to convert FLAC to MP3

FLAC files sound awesome — that is, if your device can handle the lossless format. No matter your OS there's a converter for you. Here's how to convert FLAC to MP3, so you no longer have to worry about incompatibility issues.

Windows 10 can split and resize windows with ease. Here's how to do it

The window management features of Windows 10 can be particularly helpful for those who frequently multitask. Here's how to split your screen according to your workflow needs by using Snap Assist and other native tools.

Installing fonts in Windows 10 is quick and easy -- just follow these steps

Want to know how to install fonts in Windows 10? Here's our guide on two easy ways to get the job done, no matter how many you want to add to your existing catalog, plus instructions for deleting fonts.

Sending SMS messages from your PC is easier than you might think

Texting is a fact of life, but what do you do when you're in the middle of something on your laptop or just don't have your phone handy? Here's how to send a text message from a computer, whether via an email client or Windows 10.