[Freedombox-discuss] PSN, ARM's Trust Zone and TPM

Thu Jun 28 05:53:55 UTC 2012

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 27 Jun 2012, freebirds at hushmail.com wrote:

> "It (PSN) allows software manufacturers and websites to identify
> individuals more precisely." From:
> http://www.geek.com/glossary/P/psn-processor-serial-number/

- From that same article, "there is no benefit to home users, as websites
are not using this technology."

I am not disputing that the serial numbers exist. I'm wondering how
viable they are as an attack vector, and thus how much of a threat they
realistically pose.

> Intel's misrepresented that it would discontinue inserting PSN and
> in its place use TPM (Trusted Platform Module). Whereas, Intel
> continued to insert PSN in its next processor, the Pentium 4. See
> http://www.hardwarecentral.com/archive/index.php/t-49252.html

You keep posting links to this forum archive, but this is hardly an
authoritative source. A lot of the claims you're referencing on this
forum are completely unsubstantiated.

> TPM's invasion of privacy is discussed at
> http://www.gnu.org/philosophy/can-you-trust.html and see section on
> How can TC be abused? at http://www.cl.cam.ac.uk/~rja14/tcpa-
> faq.html

All of the scary scenarios posed by the authors of both of these pages
are implicitly dependent on the operating system and software
intentionally making use of the TPM chip. Even if the TPM chip is
activated, and even if the OS loads appropriate drivers for it, the chip
itself, to my understanding, doesn't _do_ anything unless software
running on the system instructs it to.

So far, I'm seeing a lot of hypothetical use cases, but no evidence
actual software that typical consumers would have installed (let alone
software that would be included in a distribution like FB) that makes
use of the TPM chip in any way.

> TPM is a 1 GB microchip on the motherboard. TPM is not in the
> processor. TPM has an universally unique identifier (UUID). In
> addition to its own visible UUID, TPM creates a composite UUID
> containing the serial numbers of other hardware such as the
> internal hard drive. Websites, government, IT administrators and
> hackers can see these UUIDs.

How? How can they see these UUIDs? How do they access them? Where are
they reported?

> For example, if a consumer purchases an e-book or software and
> changes his or her internal hard drive or copies it onto another
> computer, the e-book will not play.

But that's only possible if the ebook in question was encumbered by DRM
in the first place, right? If I only buy DRM-free ebooks then how would
the TPM prevent me from reading them on any system I choose?

> Government, hackers and information brokers can track the activity
> and geolocation of computers by their UUIDs. Websites that read the
> UUIDs can sell this tracking information along with other tracking
> information to information brokers who resell it to investigators
> who resell it to abusers.

Again, how would a website access the UUID of a remote client? And
furthermore, how would a website determine the geolocation of that
client? I don't understand how you're making these logical leaps, please
explain the mechanisms in detail.

> Besides being tracked by use of a credit card, consumers can be
> tracked by the UUID when they do online banking.

Is it known that banking websites are accessing and tracking UUIDs? If
so, same question as above, how are they doing it?

> Hackers had it easy when one OS dominated the world. One article
> discussed that hackers are performing less software attacks and
> instead attacking processors.

Which article? Please cite your source.

> Hacking the processor at the kernel
> level gives complete remote control of the computer.

I'm not sure that this statement makes any sense to me. Could you
explain how these attacks work at a technical level?

> A PSN makes
> the processor visible online. A PSN makes the processor vulnerable
> to hacks.

Again, I'm not following your logical leaps here. How exactly does the
PSN make the processor "visible online" or "vulnerable to hacks"? As far
as I am able to understand from the sources you have cited, the PSN is
merely a static serial number, much like the MAC address on a NIC. How
does that make a system "visible online" or "vunlerable to hacks"? I
must be missing some vital technical details.

> Firmware rootkits that infect the BIOS are not always erased by
> flashing the BIOS. See articles on the mebromi firmware rootkit.

Mebromi attacks the BIOS, not the processor. It also has nothing to do
with PSNs or TPMs, as far as I can tell it ignores both. I'm not sure
what your point is. If you're saying that malware can infect the BIOS,
then I agree. If you're trying to say that PSN or TPM are in any way a
factor in that, then I'm just not seeing any evidence to support that.

> A mesh network and OpenVPN and proxies, such as TOR, do not fully
> grant privacy. The PSN and/or TPM's UUID are visible offline. I
> cannot cite references on this. I have been hacked offline, first
> by my wifi card and after I removed my wifi card and bluetooth
> card, by my PSN.

You were hacked by your PSN? What do you mean by "hacked" and how was it
done?

> Yes, computers can be hacked via their wifi cards
> even though the computers are offline. See
> http://www.usatoday.com/tech/news/computersecurity/hacking/2006-08-
> 02-wireless-hackable_x.htm

I remember following this one when it was first reported. They found a
way to cause a buffer overflow in the device drivers for a number of
WiFi chipsets and were able to trigger the exploit using 802.11 beacons,
so it worked whenever the cards were listening for APs.

It was a flaw in the device drivers, it was subsequently patched. Many
newer chipsets obviate the issue by discarding malformed frames before
they reach the device drivers.

> There are plenty of articles on hacking bluetooth due to
> bluetooth's MAC address being visible.

Again, explain what you mean by "hacking". I'm familiar with bluetooth
hacking, but this statement seems to imply that the MAC address hold
some higher importance than any of the techniques I'm familiar with.
Asside from the obvious, recording that you've seen a particular address
and "tracking" it when it's in proximity to one of your sensors, I'm not
clear on what value the MAC address itself would hold. And tracking
bluetooth devices by their MAC address is quite possible, but also easy
to mitigate. The radio can be turned off, and then it's effectively
invisible.

> The old methods of tracking computers were IP address and MAC
> address of the wifi card. If this were completely sufficient, there
> would be no reason for PSN and TPM. The fact that they exist means
> that they enable tracking of computers via hardware.

Explain it again, how is a PSN different from a MAC address at a
technological level? They seem like they're pretty much the same thing,
execpt for the proposed use case.

> Don't give a false sense of security by promising privacy unless
> you are also offering hardware privacy. Except for MAC address on
> wifi cards, we had hardware privacy prior to Pentium II's PSN.
> FreedomBox can ask Marvell and/or other manufacturer to "down
> grade" to the early 1990s and give us back our hardware privacy.

You know that hard drives and flash memory devices also have UUIDs,
right? Serial numbers are not uncommon at all on modern hardware.
However, I'm still skeptical of how practical it would be to track a
specific individual by the serial numbers encoded in their hardware. I'm
not even convince that it's a cost effective way to track someone, seems
like there are cheaper and easier ways to do it. If you can prove my
skepticism wrong, I'd love to see it.

If you're seriously worried about this kind of stuff, then I'm surprised
you would risk using any kind of computer at all. Ken Thompson wrote a
very relevant article almost 30 years ago on what it means to trust your
computer.

http://cm.bell-labs.com/who/ken/trust.html

Best regards,
Ben the Pyrate

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEcBAEBAgAGBQJP6/FzAAoJEMco5sYyM+0wyNMH/16xrnPJAgFy1UuWan+uFaOh
Cc4pMP45AegY3eZZtdTHzrMlh8pyyPTIAiRL3jAEBAW5CBAgu84L50si6IG+P8PI
I+8VHxzApoK6TAHB9oWvI8Mt/w2s2gftYpOvmmG+n5V9gRLG1KxryHsX+kjrm3H+
Bzc4q+3s0mBWbONBYxRgLfr1DvK2pKZUETbHNMvX7XfPohnHnQGOi4Q18ki6hAlp
XjuH+4+lk1GP7krxZWIFrQAnre/0DM8upw/X2vhbGDOdS6O4vF9hL5kueKvUcBTp
ACkk5jOsKQyMscRM1kNtE28/quCvXkKCteA5V1IRd3zQQGpSKacMgbqD3qYM+1k=
=monK
-----END PGP SIGNATURE-----