Degate

Martin Schobert has designed an open source tool, called Degate, to help reverse engineer hardware components. The process is the following:

  • You must first take pictures of the layout of the depassivated chip.
  • Degate will attempt to recognize standard cells by image pattern matching.
  • Degate also attempts to reconstruct the netlist of wires and vias (vias are electronic connections between different layers).
  • Then, it can build the full or partial logical layout.

Of course, the better the quality of the initial pictures (for instance using a Focused Ion Beam (FIB)), the easier (and better) the automated result.

Degate will not do the whole job. It is a software aid for reverse engineering. In any case, at the end, you will have to understand what the logic layout does. Degate is not a tool for script kiddies. It requires a good knowledge of microelectronics. You’re working at the transistor/cell level.

The site also provides an interesting repository of documentation related to IC reverse engineering.

Lesson: As for software obfuscation, the fewer reused patterns in the design of the chip, the more robust it is to reverse engineering.

 

Glitching the Xbox

A group of hackers has designed a stunning attack to run arbitrary code on the Xbox. The Xbox uses a hypervisor (or boot loader) that checks that the software that is running is properly signed (or does not have the wrong hash). They use a fault injection technique, here glitching. The aim of the attack is to make the processor derail by applying a serious glitch at a precise moment. This technique was initially designed to attack smart cards or secure processors (for instance, see chapter 9 of Markantonakis and K. Mayes, Smart Cards, Tokens, Security and Applications, Springer-Verlag New York, 2008).

In the case of the Xbox, the attackers had to produce a 100 ns glitch on the chip reset when it compares the calculated hash with the stored values. If well designed, the glitch should make the memcmp positively fail and thus allow arbitrary code to run. They had to overcome two challenges:

  • Find the precise moment for the glitch to occur, and find the right shape for this pulse.
  • Find a method to slow down the processor; with a slower processor, the glitch needs less accuracy.

They succeeded! It is interesting to note that they had to design two solutions: one for the fat Xbox, and one for the slim one. They have different PCBs. For the fat box, they found a pin to slow down the CPU, whereas for the slim one, they attacked the PLL by overwriting parameters in an I2C memory (this old serial bus is not protected).

It is a nice piece of reverse engineering. This is not a consumer-grade hack. It is extremely complex. I believe that here, the motivations are purely to succeed in a technical challenge (real Hackers).

Lessons:

  1. As always, Law 1 is true.  Attackers will always find a way.
  2. Attackers may use top-notch techniques.

 

 

PS3 jailbroken

Monday, January 24, 2011

At the December CCC conference, George Hotz, known by the nickname GeoHot, disclosed that he had discovered the private key used to sign the firmware of all PS3 devices.

Usually a piece of code is signed using a private key. The device checks that the code is properly signed using the corresponding public key. If it is the case, it proves that the software was not tampered with and that it was issued by the owner of the private key (here Sony). Normally, there is no way to guess the private key from the public key. The usual assumption is that this private key never leaks out. Such keys are usually stored in a Hardware Security Module (HSM) within a safe and with strict security policies. It is the cornerstone assumption of most trust models.

It seems that GeoHot and Fail0verflow guessed the private key due to a mistake in the signature software, which uses a fixed value and not a true random value, according to a member of the Fail0verflow team in an interview with the BBC.

PS3 was already jailbroken. The difference with the previous jailbreak is that this one is purely software. It does not require changing anything in the PS3.
There is no way to recover. It is now possible to execute any arbitrary code on the PS3, because it is possible to sign any code. The issue is that this checking is done in the loader which cannot be modified in the field (else the hackers could easily change this checking process :( )

Sony has launched, under the DMCA, a procedure for a temporary restraining order that attempts to stop the dissemination of the jailbreak.

Lessons:
– Proper implementation of cryptography is difficult
– PS1 and PS2 were open to homebrew applications. They were never hacked. PS3 was closed… Blocking the access of a game console for homebrew may be an attractor for crackers.

LittleBlackBox project

The LittleBlackBox project hosts 2,000 SSL public-private key pairs extracted from gateways, routers…
It seems that some manufacturers used the same SSL key pair for all the instances of a given hardware and firmware. The project attempts to build the largest collection of such keys together with the details of the corresponding firmware and hardware. Once you know the keys in use, it is possible to mount a man-in-the-middle attack. This is clearly the aim of this project.

What is difficult to believe is that many devices share a single key pair. Good security practice requires using a unique key pair per device. Why should a manufacturer use only one key pair? Most probably because it simplifies the manufacturing. Providing an individual key pair for each box is complex (especially in a “hostile” environment such as a factory). Nevertheless, it is an incredibly wrong design decision not to do so. Furthermore, manufacturers cannot even revoke the leaked keys because otherwise they would also revoke genuine devices!

Good news for Technicolor’s customers, our devices do not have such a flaw.

Lesson: Some economically driven decisions should not be allowed if you want secure solutions. Security has a price.

Thanks Patrice for the pointer

Windows Phone 7 jailbroken

On November 25, Rafael Rivera, Chris Walsh, and Long Zheng published an application, ChevronWP7, that unlocked Windows Phone 7. The objective was to be able to install homebrew applications on this platform. The news very quickly spread all over the world.

Today, they have removed ChevronWP7 from the distribution. According to their blog,

Earlier today, we were contacted by Brandon Watson, Director of Developer Experience for Windows Phone 7, to discuss the ChevronWP7 unlocking tool.

Through this discussion, we established a mutual understanding of our intent to enable homebrew opportunities and to open the Windows Phone 7 platform for broader access to developers and users.

To pursue these goals with Microsoft’s support, Brandon Watson has agreed to engage in further discussions with us about officially facilitating homebrew development on WP7. To fast-track discussions, we are discontinuing the unlocking tool effective immediately.

It is the second time that Microsoft has been hit shortly after the launch of one of its products. At the beginning of the month, it was the Kinect; now it is WP7. The reaction of Microsoft is interesting. They started a discussion before threatening with the DMCA (I am not sure that this type of unlocking would be a safe harbor for the recently granted jailbreaking exception. Any lawyer to give an opinion?).

One more exploit on the already long list of unlocked devices! We have a tough job!

Open API to Kinect

It did not take long for the hacking/hobbyist community to reverse engineer the API of Microsoft’s Kinect. The Kinect device is the new gizmo for Xbox which uses the body as an input device.

Adafruit, a US company, offered a $3,000 bounty to the first developer who would provide a library to connect to the Kinect. Hector Martin is the winner. His library gives access to the RGB data from the camera together with the depth map.

The first person who reported being able to connect to Kinect was alexP from NUI. Nevertheless, he did not publish his drivers. He works with the open source group Natural User Interface (NUI). In contrast, Hector Martin has published them as open source under the name LibFreenect. Meanwhile, Theo Watson has adapted this library to work on Mac OS X.

The initial reaction of Microsoft to Adafruit’s challenge was to threaten a lawsuit in case of hacking.

With Kinect, Microsoft built in numerous hardware and software safeguards designed to reduce the chances of product tampering. Microsoft will continue to make advances in these types of safeguards and work closely with law enforcement and product safety groups to keep Kinect tamper-resistant

Microsoft has softened its position. It does not claim that this library is a hack (which stricto sensu may be true).

Kinect for Xbox 360 has not been hacked–in any way–as the software and hardware that are part of Kinect for Xbox 360 have not been modified. What has happened is someone has created drivers that allow other devices to interface with the Kinect for Xbox 360. The creation of these drivers, and the use of Kinect for Xbox 360 with other devices, is unsupported. We strongly encourage customers to use Kinect for Xbox 360 with their Xbox 360 to get the best experience possible

The position of Microsoft is very smart. In no way does this library harm Microsoft’s business. Soon, hobbyists will use the Kinect and will most probably create applications extending beyond games. They may even come up with some ideas that Microsoft’s engineers will be able to exploit. This may even be good advertisement for Kinect.

It is reminiscent of the use of Sony’s PS3 in fields unrelated to games. See security Newsletter #9.

Another winner is Adafruit: for $5,000, they made the headlines worldwide, and in the role of the good guys!! That is cheap. :)

Apple, Jailbreaking and Patents

Monday, September 13, 2010

Put these three words together and you obtain an explosive cocktail that will surely make the headlines. At the end of July, a new type of jailbreaking for iPhone and iPad appeared. Two weeks later, Apple closed the hole. Unfortunately, one week later, somebody highlighted an Apple patent that was filed in February 2009 (there is a period of 18 months after filing during which the text of the patent is not public). It was claimed that Apple patented a method to fight jailbreaking and even brick the phone in case of jailbreaking. Most of the news I’ve seen on the Net were making the same statement.
Thus, I decided to have a look at this patent. The title of the patent is “Systems and methods for identifying unauthorized users of an electronic device”. Where is jailbreaking? The patent is about identifying an unauthorized user, not about identifying an unauthorized action. To identify an unauthorized user, the patent proposes in sub claims many solutions such as voice identification (comparing to the voice print of authorized users), face recognition, heartbeat sensor (I was not aware of this type of biometrics, does somebody have a good pointer?), or proximity detection of a sensor such as NFC. Once an unauthorized user is detected, the patent claims that the device collects some information such as keylogging, logging the Internet activity, taking pictures with geotag, or using an accelerometer to identify the current mode of transportation. Then it sends an alert to a responsible party with the collected data.
The patent also describes a larger definition of unauthorized user:

“[0039]As another example, an activity that can detect an unauthorized user can be any action that may indicate the electronic device is being tampered with being, for example hacked, jailbroken, or unlocked. For example, a sudden increase in memory usage of the electronic device can indicate that a hacking program is being run and that an unauthorized user may be using the electronic device.”

:)
Even funnier:

“As yet another example of activities that can indicate tampering with the electronic device, an unauthorized user can be detected when a subscriber identity module (SIM) card is removed from or replaced in the electronic device.”

Good luck with the many false positives. Jailbreaking is really a side issue in this patent. It is more valid against thefts than against jailbreaking. If the device were able to detect jailbreaking, it would most probably be able to cancel the action. Of course, now it is legal to jailbreak the phone, at least in the US.

The lesson is that you should not trust too much what you read in the blogs. Build your own opinion. Read the source documents. I am sure that very few of the journalists or bloggers that reported the news had in fact read the patent.