Unfortunately, I am having a hard time sustaining that belief in the face of hard facts.
Today's example of technical people doing things which ostensibly aid security, but which really just give aid and comfort to the enemy, comes from chip vendor Atmel.
Some of the members of Atmel's DataFlash (TM, etc.) family have a feature called "sector lockdown". (An example datasheet is here).
Once you lock down a sector, it can never be unlocked, or erased or written again.
This sounds great in principle for things like boot sectors. But, let's look at the implementation.
For one thing, there doesn't seem to be any protection on the locking of sectors. Locking a sector is accomplished by a simple command, which is very similar to any other command which is sent to the flash. Sector locking even works when the part is "write protected" via hardware. (Obviously, only good guys would ever write the bits which disallow the writing of other bits, so there is no need to write-protect those lockdown bits.)
Let's examine a few basic usage scenarios for a flash device such as this:
- Deeply embedded. When an adversary cannot send any commands to the flash, the sector locking is a no-op, except that a hardware or software error could inadvertently issue the command and render the flash useless. Slight disadvantage to sector locking.
- Write-once boot device. In this scenario, the sector locking might be handy. On the other hand, there is a hardware pin which will disallow writes, so sector locking only adds marginal functionality.
- Upgradeable boot device, no external recovery mechanism. Sector locking the recovery sector seems like a good idea. However, as with the write-once boot device, there is already a hardware mechanism available. And, if a third party can issue commands to write other sectors, they can now issue the sector locking command on those other sectors! So, they may not be able to change the recovery sector, but they can disallow the recovery code from ever writing to the rest of the flash.
- Upgradeable boot device with an external recovery mechanism (or non-boot device.) If the device is not required for booting, or if it can be written via JTAG or some other mechanism even if the unit it is embedded in cannot otherwise boot, then, before sector locking, malicious code could always be removed. After sector locking, malicious code can lock itself in until the device is disassembled and the flash is desoldered and replaced.
That's too bad, because Atmel has some good products. I have to assume that Atmel has at least one person smart enough to recognize this for the looming disaster it appears to be, so their management must not be doing a very good job of listening to the troops.
No comments:
Post a Comment