Former U.S. military security specialist Christopher Tarnovsky found a weakness in Infineon’s SLE66 CL PE and presented the results of his hack at the Black Hat 2010 computer security conference. The Infineon chip is used in PCs, satellite TV hardware, and gaming consoles to protect secure data.
Tarnovsky, who works for security firm Flylogic, said that cracking the Infineon chip, which has a Trusted Platform Module (TPM) designation, was a long process involving an electronic microscope (which retails for around $70,000). The attack on the chip took six months to plan and execute, and it involved dissolving the outer part of the chip with acid and using tiny needles to intercept the chip’s programming instructions.
After gaining physical access to the chip, Tarnovsky still had to navigate the chip’s software defenses. According to the Associated Press, Tarnovsky remarked that “This chip is mean, man–it’s like a ticking time bomb if you don’t do something right.”
Does this mean that Infineon’s flagship secure chip has been entirely compromised? Infineon was aware that a physical hack was possible, but a company representative notes that an attack of this sort would require resources beyond that of the typical cracker. Joerg Borchert, a vice president of security at Infineon, told the AP that, because this attack requires a combination of physical access to the chip, a smart hacker, and expensive equipment, “the risk is manageable, and you are just attacking one computer.”
Will we start seeing peripherals for the Xbox that take advantage of this hack? Maybe, but don’t count on it, unless you know hackers who are willing to shell out almost $100,000 for the electron microscope and other equipment they would need in order to compromise the Infineon chip.
[Photo: FxJ on Wikipedia (public domain)]
