"Unhackable" Infineon chip physically cracked

A secure chip used for preserving secrets on PCs and protecting Microsoft technology has been physically compromised

Former US military security specialist Christopher Tarnovsky found a weakness in Infineon's SLE66 CL PE and presented the results of his hack at the Black Hat 2010 computer security conference. The Infineon chip is used in PCs, satellite TV hardware, and gaming consoles to protect secure data.

Tarnovsky, who works for security firm Flylogic, said that cracking the Infineon chip, which has a Trusted Platform Module (TPM) designation, was a long processes involving an electronic microscope (retails for around $70,000). The attack on the chip took six months to plan and execute, and it included dissolving the outer part of the chip with acid and using tiny needles to eavesdrop on the chip's programming instructions.

Despite physically accessing the chip, Tarnovsky still had to navigate the chip's software defenses. According to the AP, Tarnovsky remarked that "This chip is mean, man--it's like a ticking time bomb if you don't do something right."

Does this mean that Infineon's flagship secure chip has been entirely compromised? Infineon was aware that a physical hack was possible, but that an attack of this variety would require resources beyond that of the typical cracker. Joerg Borchert, a VP of security at Infineon, told the AP that, as this attack requires physical access to the chip, a smart hacker, and expensive equipment, "the risk is manageable, and you are just attacking one computer."

Will we start seeing peripherals that for the Xbox that take advantage of this hack? Maybe, but don't count on it unless you know hackers who are willing to shell out almost $100,000 for the electron microscope and other equipment necessary for compromising the Infineon chip.

Follow GeekTech on Twitter or Facebook.

More about: Facebook, Infineon, Infineon Technologies, Microsoft, Wikipedia, Xbox
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: security, pc components
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/170/gadwin-geforms/

Gadwin GeForms

GeForms allows you to create your own forms or fill in existing forms electronically. Using GeForms you are provided with sophisticated form design tools which ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia