完善资料让更多小伙伴认识你,还能领取20积分哦, 立即完善>
3天内不再提示
德赢Vwin官网
论坛
1088
|
大约6个月前,有人发布了PSoC 4设备中明显漏洞的全面解释。该漏洞将允许攻击者将恶意代码加载到Flash中,然后将其标记为保留给监控器,从而允许代码在芯片擦除中生存,并且几乎没有被检测到运行。正如他所解释的那样,这可能导致各种攻击向量,比如触摸屏设备的重放攻击。
为乐趣和利润开发PSoC4——Dmitry Grinberg 阅读不可读的SROM:在PSoC4 HKADADY内部 据作者说,柏树还没有对此问题作出回应。那是6个月前的事了。柏树做了什么来减轻或消除这种脆弱性?这将严重减少适用于该芯片的应用范围,因此似乎不可能做任何事情。 以上来自于百度翻译 以下为原文 About 6 months ago, someone posted a comprehensive explanation of an apparent vulnerability in PSoC 4 devices. The vulnerability would allow attackers to load malicious code to flash and then mark it as reserved for supervisor, allowing the code to survive chip erases and to run pretty much undetected. As he explains well, this potentially leads to all sorts of attack vectors, like replay attacks for touch screen devices. Exploiting PSoC4 for fun and profit - Dmitry Grinberg Reading the Unreadable SROM: Inside the PSoC4 | Hackaday According to the author, Cypress has not responded to the problem. That was 6 months ago. Has anything been done by Cypress to mitigate or remove this vulnerability? It would seriously reduce the range of suitable applications for this chip, so it seems unlikely nothing was done. 
0
|
|
相关推荐
3个回答
|
|
|
嗯,我想我也看过那个帖子了。最后,我确定您需要:设备的物理访问,或者软件更新对设备的访问(通过固件更新,或者硬件重编程)。因此,如果您没有更新的固件,那么它是非问题。如果你有固件更新的代码,那就取决于你如何保护更新过程。该漏洞主要针对CyPress的直接控制芯片/内核的监控代码。它可以通过开发者的应用代码,修改,但最终,除非他们有写代码到芯片的能力,他们将无法访问的漏洞。
以上来自于百度翻译 以下为原文 Heh, I think I've read that post too. Ultimately, I determined that you either need: Physical access to the device, or software update access to the device (either through firmware updates, or hardware reprogramming). Thus, if you do not have update-able firmware, then it is a non-issue. And if you do have firmware update-able code, then it comes down to how well you protect that update process. The vulnerability is mainly aimed at Cypress' supervisory code that controls the chips/core directly. It can be modified by the developer's application code, but ultimately, unless they have the ability to write code to the chip, they will not be able to access the vulnerability. |
|
|
|
|
|
也取决于你从哪里得到筹码,以及他们走到你手上的路径。
不管怎样,我想这个问题只针对真正的特定应用(或高容量),例如军事/航空航天之类的问题,我敢打赌,你可以验证你的芯片(当然,增加了工作,这可能是不合理的,鉴于市场上其他选项的可用性)。我知道这个论坛有一个线索(这个问题的发现者也在评论)。 以上来自于百度翻译 以下为原文 Also depends on where you get your chips from, and the path they travel to your hands. Anyways, I guess this issue is a problem only for really specific applications (or high volume), such as military / aerospace and the like, and I bet you can verify your chips (although, of course, is added work which may not justify given the availability of other options on the market). I know there's a thread about this in the forum (where the discoverer of the issue also comments). |
|
|
|
|
|
旅行路线的好点;如果你是从某人那里运送或接收它,那么它可能是可疑的:/虽然,这是校验和验证的一部分,我想(不是任何手段都是万无一失的,但是让它更不容易被愚弄)
这里是论坛的帖子(你提到的):在低端PSOC4中免费翻倍闪存 从理论上讲,如果您自己使用漏洞来完全使用整个Flash空间(监视器)来编写应用程序代码,那么任何应用rootkit或类似事件的尝试都会导致图像整体的损坏。gt; 但是,对于极其安全的应用程序,需要对代码进行安全检查。 另一方面,如果我是一个安全要求富有的组织,我会培养自己的安全硬件和软件来煽动rootkit的分期防治措施。 以上来自于百度翻译 以下为原文 Good point about the travel path; If you are shipping or receiving it from someone, then it could be suspect :/ Although, this is part of the checksum verification I suppose (not foolproof by any means, but makes it less easy to fool) Here's the forum thread here (that you mentioned): Double the flash in low-end PSoC4 for free Theoretically, if you used the exploit yourself to fully use the entire flash space (supervisory as well) to write your application code, then any attempts to apply rootkits or similar things would cause corruption of the image as a whole. >:) But still, security checking of the code would be required for extremely secure applications On the other hand, if I was a wealthy organization with a security requirement, I would probably develop my own security hardware and software measures to instigate the prevention of rootkit installments. |
|
|
|
|
只有小组成员才能发言,加入小组>>
754个成员聚集在这个小组
加入小组2103 浏览 1 评论
1849 浏览 1 评论
3667 浏览 1 评论
请问可以直接使用来自FX2LP固件的端点向主机FIFO写入数据吗?
1784 浏览 6 评论
1534 浏览 1 评论
CY8C4025LQI在程序中调用函数,通过示波器观察SCL引脚波形,无法将pin0.4(SCL)下拉是什么原因导致?
568浏览 2评论
CYUSB3065焊接到USB3.0 TYPE-B口的焊接触点就无法使用是什么原因导致的?
422浏览 2评论
CX3连接Camera修改分辨率之后,播放器无法播出camera的画面怎么解决?
437浏览 2评论
383浏览 2评论
使用stm32+cyw43438 wifi驱动whd,WHD驱动固件加载失败的原因?
915浏览 2评论
/6 
关注我们的微信
下载发烧友APP
德赢Vwin官网 观察
版权所有 © 湖南华秋数字科技有限公司
德赢Vwin官网 (电路图) 湘公网安备 43011202000918 号 电信与信息服务业务经营许可证:合字B2-20210191
工商网监
湘ICP备2023018690号
评论
淘帖
1625
