[Freedombox-discuss] Backdoor in military chips may also be in Freedombox

Rick C. Hodgin foxmuldrster at yahoo.com
Thu Jun 28 19:08:11 UTC 2012

Xscale was Intel prior to a 2006 sale to Marvell.

Best regards,
Rick C. Hodgin

-------- Original Message --------
 From: Wookey <wookey at wookware.org>
 Sent: Thu, Jun 28, 2012 02:39 PM
 To: freedombox-discuss at lists.alioth.debian.org
 Subject: Re: [Freedombox-discuss] Backdoor in military chips may also be in Freedombox

>+++ freebirds at hushmail.com [2012-06-28 12:30 -0400]:
>> I am requesting that Freedombox
>> ask ARM and Marvell if there is a debugger, ARM's TrustZone,
>> antitheft and a visible PSN.
>xscale CPUs have a debug facility, consisting of 32K of sram which is
>enabled in debug state allowing the CPU state to be interrogated
>without affecting anything else about what is going on. This has been
>documented in the xscale docs since they were released circa 2003. So
>do other ARM CPUs, although manufacturers' implementations vary. I
>believe all current CortexA series CPUs have Trustzone, but I could be
>wrong. PSN processor serial number? xscales have an ID and chip
>stepping. They don't have a unique serial number SFAIK. Embedding the
>variation needed for serial numbers into chips is difficult so is not
>normally done, but I haven't been taking much notice of hardware
>details since xscale.
>However the existence of these things is not the same as them being
>any meaningful sort of threat. It depends on many things, like how the
>SOC is connected up and exactly what the CPU's hardware capability is.
>In general I'd be a lot more worried about code running on the CPU in
>the normal way than code accessing the debug and trustzone modes, but
>those are obviously worth checking for vulnerabilities. If you succeed
>in hacking trustzone you can probably make actual real money :-)
>Principal hats:  Linaro, Emdebian, Wookware, Balloonboard, ARM
