home.social

#trustzone — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #trustzone, aggregated by home.social.

  1. If you need Secure Boot for STM32MP157 , we got you covered with STMP157-SOM-512-SB and STMP157-OLinuXino-LIME2H-SB now featuring STM32MP157FAA1 extended temperature range -20+105C running at 800Mhz and secure boot olimex.wordpress.com/2025/07/2 #stm32mp157 #secure #boot #trustzone

  2. If you need Secure Boot for STM32MP157 , we got you covered with STMP157-SOM-512-SB and STMP157-OLinuXino-LIME2H-SB now featuring STM32MP157FAA1 extended temperature range -20+105C running at 800Mhz and secure boot olimex.wordpress.com/2025/07/2 #stm32mp157 #secure #boot #trustzone

  3. If you need Secure Boot for STM32MP157 , we got you covered with STMP157-SOM-512-SB and STMP157-OLinuXino-LIME2H-SB now featuring STM32MP157FAA1 extended temperature range -20+105C running at 800Mhz and secure boot olimex.wordpress.com/2025/07/2 #stm32mp157 #secure #boot #trustzone

  4. If you need Secure Boot for STM32MP157 , we got you covered with STMP157-SOM-512-SB and STMP157-OLinuXino-LIME2H-SB now featuring STM32MP157FAA1 extended temperature range -20+105C running at 800Mhz and secure boot olimex.wordpress.com/2025/07/2 #stm32mp157 #secure #boot #trustzone

  5. If you need Secure Boot for STM32MP157 , we got you covered with STMP157-SOM-512-SB and STMP157-OLinuXino-LIME2H-SB now featuring STM32MP157FAA1 extended temperature range -20+105C running at 800Mhz and secure boot olimex.wordpress.com/2025/07/2 #stm32mp157 #secure #boot #trustzone

  6. Exploiting Android Linux kernel from Qualcomm Trustzone (QSEE) (CVE-2021-1961)

    tamirzb.com/attacking-android-

    Credits Tamir Zahavi-Brunner

    #trustzone

  7. A few years old but still an interesting blog post showing how to attack Mobile Trusted Execution Environments (ARM TrustZone) to extract biometric data

    synopsys.com/blogs/software-se

    #trustzone

  8. A few years old but still an interesting blog post showing how to attack Mobile Trusted Execution Environments (ARM TrustZone) to extract biometric data

    synopsys.com/blogs/software-se

    #trustzone

  9. Trusted computing got a new coat of paint. Now it's called "confidential computing", and it's totally not about who controls the machine, not at all.

    A talk at triggered me, so I had to rant about it on my blog. Sorry.

    dorotac.eu/posts/rustlab/

  10. Trusted computing got a new coat of paint. Now it's called "confidential computing", and it's totally not about who controls the machine, not at all.

    A talk at #rustlab2023 triggered me, so I had to rant about it on my blog. Sorry.

    dorotac.eu/posts/rustlab/

    #drm #tpm #trustzone #rustlab

  11. @ellenor I don’t need high performance so I use ~15 y.o. hardware that pre-dates the spy chips. But still my hardware was not targeted by #coreboot / #libreboot, so my firmware is non-free. I also have some newer hardware that I pulled out of dumpsters (thus did not contribute to the intel M.E./ AMD #trustzone spy chip market), which I just use for occasional experiments.

  12. CW: research review

    M. Saß et al., "Oops..! I Glitched It Again! How to Multi-Glitch the Glitching-Protections on ARM TrustZone-M"¹

    Voltage Fault Injection (VFI), also known as power glitching, has proven to be a severe threat to real-world systems. In VFI attacks, the adversary disturbs the power-supply of the target-device forcing the device to illegitimate behavior. Various countermeasures have been proposed to address different types of fault injection attacks at different abstraction layers, either requiring to modify the underlying hardware or software/firmware at the machine instruction level. Moreover, only recently, individual chip manufacturers have started to respond to this threat by integrating countermeasures in their products. Generally, these countermeasures aim at protecting against single fault injection (SFI) attacks, since Multiple Fault Injection (MFI) is believed to be challenging and sometimes even impractical. In this paper, we present {\mu}-Glitch, the first Voltage Fault Injection (VFI) platform which is capable of injecting multiple, coordinated voltage faults into a target device, requiring only a single trigger signal. We provide a novel flow for Multiple Voltage Fault Injection (MVFI) attacks to significantly reduce the search complexity for fault parameters, as the search space increases exponentially with each additional fault injection. We evaluate and showcase the effectiveness and practicality of our attack platform on four real-world chips, featuring TrustZone-M: The first two have interdependent backchecking mechanisms, while the second two have additionally integrated countermeasures against fault injection. Our evaluation revealed that {\mu}-Glitch can successfully inject four consecutive faults within an average time of one day. Finally, we discuss potential countermeasures to mitigate VFI attacks and additionally propose two novel attack scenarios for MVFI.

    #arXiv #ResearchPapers #Glitching #VoltageFaultInjection #MultipleVoltageFaultInjection #TEE #ARM #Trustzone
    __
    ¹ arxiv.org/abs/2302.06932

  13. CCA-Funktionen schützen Daten im RAM von Servern, Smartphones und Computern selbst vor dem Admin; CCA zielt auf Cloud-Rechenzentren, aber auch Endgeräte. ARM Confidential Compute Architecture: Details zur ARMv9-CCA
  14. Prevent spoofing of #IoT Actuation Commands with Arm #TrustZone on #RaspberryPi...

    "Protecting Actuators in Safety-Critical IoT Systems from Control Spoofing Attacks"
    dl.acm.org/doi/pdf/10.1145/333