{"id":303,"date":"2009-01-06T16:18:11","date_gmt":"2009-01-07T00:18:11","guid":{"rendered":"http:\/\/cubist.cs.washington.edu\/Security\/?p=303"},"modified":"2009-01-06T16:18:11","modified_gmt":"2009-01-07T00:18:11","slug":"intels-trusted-execution-technology-circumvented","status":"publish","type":"post","link":"https:\/\/secblog.cs.washington.edu\/Security\/2009\/01\/06\/intels-trusted-execution-technology-circumvented\/","title":{"rendered":"Intel&#8217;s &#8220;Trusted eXecution Technology&#8221; Circumvented"},"content":{"rendered":"<p>From an article in <a href=\"http:\/\/www.infoworld.com\/article\/09\/01\/06\/Researchers_hack_into_Intels_vPro_1.html\">Infoworld<\/a> via <a href=\"http:\/\/it.slashdot.org\/article.pl?sid=09%2F01%2F06%2F2132247\">Slashdot<\/a>, two researchers from <a href=\"http:\/\/www.invisiblethingslab.com\/itl\/Welcome.html\">Invisible Things Lab<\/a> have discovered a method to circumvent <a href=\"http:\/\/www.intel.com\/\">Intel<\/a>&#8216;s Trusted eXecution Technology (TXT). The <a href=\"http:\/\/www.intel.com\/technology\/security\/downloads\/TrustedExec_Overview.pdf\">TXT system (PDF)<\/a>, part of <a href=\"http:\/\/www.intel.com\/technology\/vpro\/index.htm\">Intel&#8217;s vPro hardware-assisted security product<\/a>, is designed to allow software to run while protected against attacks from other software programs. However, the researchers at Invisible Things Lab discovered a two-phase attack that exploits a bug in Intel software in the first phase and then uses a deficiency in the actual TXT specification in the second stage, to successfully attack software designed to use the TXT system. While such software is currently rare, it may become more prevalent as more software aims to increase security.<\/p>\n<p>This event is a result of researchers working to verify the security properties of Intel&#8217;s vPro hardware-based security system. Hardware is much more difficult to revise than software, if revision is possible at all. This may mean that all current implementations of TXT are essentially obsolete, and may remain so in perpetuity.<\/p>\n<p>This security cloud does have a silver lining, however: TXT is a platform that Digital Rights Management (DRM)-enabled software is likely to use, and by showing that hardware-based security is as fallible as software-based security, this new revealation may guide companies towards less restrictive, more user-friendly approaches to security and intellectual property protection.<\/p>\n<p>Software vendors considering using the TXT system will undoubtedly be turned off by this event. However, it is better to know that something is not totally secure than it is to think that it is secure when it is not, so in the long run, it is better for Intel, despite the current press, that this exploit was discovered early rather than after many software packages depended on the TXT system. Companies such as AMD may also learn that security is a difficult problem and that attempting to &#8220;solve it&#8221; may be more trouble than it is worth.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>From an article in Infoworld via Slashdot, two researchers from Invisible Things Lab have discovered a method to circumvent Intel&#8216;s Trusted eXecution Technology (TXT). The TXT system (PDF), part of Intel&#8217;s vPro hardware-assisted security product, is designed to allow software &hellip; <a href=\"https:\/\/secblog.cs.washington.edu\/Security\/2009\/01\/06\/intels-trusted-execution-technology-circumvented\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":66,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,156],"tags":[],"class_list":["post-303","post","type-post","status-publish","format-standard","hentry","category-current-events","category-research"],"_links":{"self":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/303","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/users\/66"}],"replies":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/comments?post=303"}],"version-history":[{"count":1,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/303\/revisions"}],"predecessor-version":[{"id":304,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/303\/revisions\/304"}],"wp:attachment":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/media?parent=303"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/categories?post=303"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/tags?post=303"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}