Researcher Cracks Security Of Widely Used Computer Chip
Electron microscopy could enable criminals to develop counterfeit chips, Tarnovsky says at Black Hat DC
Feb 02, 2010 | 08:55 PM
By Tim Wilson
DarkReading
WASHINGTON, D.C. -- Black Hat DC Conference 2010 -- The ultra-secure technology used to protect some of the world's most commonly used microchips might not be so secure, a researcher said here today.
Christopher Tarnovsky, a researcher at Flylogic Engineering who has made a business of hacking "unhackable" chip technology and other hardware, was at it again today with the revelation of vulnerabilities in the Infineon SLE 66 CL PE chip, which is widely used in computers, gaming systems, identity cards, and other electronics.
Tarnovsky offered a step-by-step explanation of his successful efforts to crack the chip's defenses using electron microscopy. During the course of about nine months, Tarnovsky said he was able to bypass the chip's myriad defenses and tap into its stored information without detection or chip failure.
"I'm not saying it was easy, but this technology is not as secure as some vendors would like you to think," Tarnovsky said.
Using a painstaking process of analyzing the chip, Tarnovsky was able to identify the core and create a "bridge map" that enabled the bypass of its complex web of defenses, which is set up to disable the chip if tampering occurs. After creating the map, he used ultra-small needles to tap into the data bus -- without disturbing the protective mesh -- and essentially "read" all of the chip's stored data, including encryption keys and unique manufacturing information.
Using this data, criminals could potentially re-create the chip in order to develop counterfeit systems or subvert widely used systems, Tarnovsky said. Such exploits could allow criminals to break through the defenses of pay TV services, medical ID systems, or even Microsoft's much-vaunted Xbox license chip, he said.
Tarnovsky said he has informed Infineon of the flaws he has discovered, but so far the company has not responded. "Their initial reaction was to tell me that what I'd done was impossible," he said. "Then when I sent them some video and the code that I just showed [to the Black Hat audience], they went quiet. I have not heard back from anybody."
In addition to Infineon, Tarnovsky said he informed officials at the Trusted Platform Module (TPM) standards organization, which sets security guidelines for the widely used PC chip standard. But he has not heard back from them, either.
ATM Skimming Ring Targeted in MA.
Police Arrest 3 Suspects Connected to String of ATM Thefts
Linda McGlasson, Managing Editor
February 2, 2010
The U.S. Secret Service has broken up an alleged ring of ATM skimmers in Massachusetts, announcing the arrests of three suspects -- including one man who was in possession of nearly $100,000 when he was arrested.
Anton Venkov, 40, of Toronto, Canada, was arrested Jan. 28 in Boston and charged with using counterfeit bank account access codes. He was to face a judge in federal court on Feb. 2. Police say he was found carrying $99,100 in $20 bills in his car when arrested at a hotel in Boston.
Another man alleged involved, Vladislav Vladev, 36, of Quincy, MA, was also arrested Jan. 28 while sitting on a plane that was headed for Germany, say Norfolk County prosecutors. Vladev was arraigned in Quincy District Court on larceny and identity fraud charges relating to a theft from a Milton, MA ATM. He is being held on $1 million cash bail and had a hearing set for Feb. 2.
Police say the group set up skimmers with pinhole cameras on Bank of America and Citizens Bank ATMs in the greater Boston area. The Secret Service learned in December that a Bank of America ATM in Saugus, MA had been rigged with the scanner device, called a skimmer, and a pinhole camera, according to a court affidavit from a Secret Service agent. A surveillance photo showed Vladev attaching the skimmer, the affidavit says.
Police were informed on Jan. 22 of ATM tampering at Citizens Bank locations in Quincy, Milton, Braintree and Somerville, MA. Surveillance photos showed the same men at the Citizens locations. Three days later, photos showed the men rigging Bank of America ATM machines in Saugus, Milton, Weymouth, Cambridge, Dorchester and Roslindale.
Prosecutors say Venkov and Vladev teamed up with Ivaylo Hristov, 28, of Ontario, arrested on Jan. 27, and stole debit and credit card data and PIN numbers by placing scanner devices and hidden cameras in ATM machines at several locations. Authorities believe they have stolen at least $100,000 from customers at Citizens Bank and other institutions.
Hristov was also charged in the Milton ATM theft and ordered held on $500,000 cash bail. He was charged with a similar scheme in Quincy and was ordered held on $1 million cash bail.
When Hristov was arrested near a Citizens ATM in Quincy, he had $1,380 in $20 bills, as well as Dunkin' Donuts gift cards and American Express cards with post-it notes that had "PIN'' and various numbers written on them.
Hristov told Quincy police he got 10 percent from the
Kinda old news now but no one else seems to have posted anything related...
Original URL: hxxp://www.reghardware.co.uk/2009/12/03/freeview_hd_launch_report/
Quote:
Freeview HD goes live
Technical details emerge as DVB-T2 service activated
By Nigel Whitfield
3rd December 2009 07:02 GMT
With the launch today of the Freeview HD service, the UK can claim to be at the forefront of digital television - though most punters won't be able to receive the service until spring 2010.
Today’s launch saw services switched on at the Crystal Palace and Winter Hill transmitters, between them providing coverage for around 22-23 per cent of the UK’s population. It’s described by engineers and telly executives as a "technical launch", however, with the consumer launch not taking place until late Q1/early Q2 next year.
As of today, while we may have the first operational TV service in the world using the new DVB-T2 standard, there aren’t any receivers available to buy.
Ilse Howling, Managing Director of Freeview, told Register Hardware that she expects that equipment will start to appear in stores in January and February of next year, with widespread availability around March.
By then, it’s anticipated that around 40 per cent of the population will be covered, rising to 50 per cent in time for next year’s World Cup. For detailed roll out dates, see the last page of this report.
Winter Hill is the first station to provide a high-power Freeview HD signal, any anyone who received Freeview in the Liverpool and Manchester area should pick up the new HD multiplex from it. The Crystal Palace transmitter, in common with the other early ones, will be running on lower power. Nevertheless, from the map that was briefly displayed, it looks like coverage will extend to Enfield in the North of London, and in some areas a little further out – sporadic coverage seemed to be going as far as Hertford.
Humax's Fox-HD-T2: set-top box set up for Freeview HD
There’s now a little more information about the technical details of the service too. Four manufacturers had prototype receivers on show at the launch, with set-top boxes from Pace and Vestel, together with integrated Freeview HD TV sets from both Panasonic and Sony. In order to qualify for the Freeview HD logo, receivers will need to be IPTV-capable.
Although Freeview wouldn’t be drawn on too many of the details of exactly which IPTV services will be coming – there’s no confirmed date for BBC iPlayer, for example – it’s certainly in the road map. Another potential IP services mentioned was SeeSaw,
PORTLAND, Ore. - The first Portland Police officer to arrive on the scene of the man who set himself on fire Wednesday outside the Nicholas Ungar Furs store accidentally used pepper spray in an attempt to put out the flames instead of a fire extinguisher, officials at the Portland Police Bureau said Thursday. [more]
HBO has begun beta-testing a proprietary site, HBOGO.com, which allows the cable channel’s monthly subscribers to stream on demand any movie or television program at no additional charge.
HBO parent Time Warner has made accessing its content properties’ content across multiple platforms at any time (“TV Everywhere”) a cornerstone of its digital strategy.
It also takes a page from Netflix’s successful Watch Instantly streaming initiative that allows monthly subscribers to access catalog titles via the PC, connected Blu-ray Disc player, TV and portable media device.
HBO spokesperson Jeff Cusson said transferring HBO GO content to portable media devices remains an unfulfilled goal.
“Nothing to report as of now,” Cusson said.
Richard Greenfield, analyst with Pali Capital, who has seen the test site, said HBO GO offers an improved user interface for VOD compared to a standard cable remote, in addition to deeper content.
“Spending 30 seconds with HBO GO makes you want to throw out your cable box,” Greenfield wrote in a note.
The streaming site features 218 feature length movies and full episodes of the first four seasons of “Big Love,” in addition to full episodes of “True Blood” and “The Sopranos,” among others.
“The goal is simply to attract more consumers with a more comprehensive offering and to reduce churn [or subscriber attrition rate],” Greenfield said.
The analyst, who covers Time Warner, said HBO remains an underrated subsidiary that is projected to generate more than $1.5 billion of Time Warner’s pre-tax earnings in fiscal 2010.
