Re: [Discuss-gnuradio] USRP Structure
This isn't a relevant concern for general purpose / experimental hardware like bladerf, hackrf, or usrp hanging off a PC. They're intended to be user programmable. If someone roots your box, they can replace your FPGA image, usb, or microcontroller firmware ... but to what end? The platform is already wide open. If you're shipping a product, your regulatory agencies are going to ask you some questions about what you've done to ensure that your equipment only operates in its intended manner. I don't feel like writing a big rant about trying to lock down a general purpose machine. Instead, let me just point you at a whitepaper on secure booting the Zynq. After that, you should read about how ChromeOS (or other mobile platforms) do secure boot and ensure application integrity. I bet if you offered Ettus or Corgan a barrel of money they might be interested in building a secure booted E310. Actually, if you offered me a barrel of money, I'd be all over that project... http://www.xilinx.com/support/documentation/white_papers/wp426-zynq-7000-secure-boot.pdf On Wed, Sep 9, 2015 at 11:51 AM, Logan Wuwrote: > Hello, > > Recently I read a paper on cognitive radio security (Secure > reconfiguration of software-defined radio). It highlights that the > operating system of cognitive radio node may be compromised as the > malware can exploit software vulnerabilities. I am wondering if the FPGA > and firmware are part of the OS? And can they be compromised during > runtime by malware? > > Thank you, > Logan > > -- > Posted via http://www.ruby-forum.com/. > > ___ > Discuss-gnuradio mailing list > Discuss-gnuradio@gnu.org > https://lists.gnu.org/mailman/listinfo/discuss-gnuradio -- GDB has a 'break' feature; why doesn't it have 'fix' too? ___ Discuss-gnuradio mailing list Discuss-gnuradio@gnu.org https://lists.gnu.org/mailman/listinfo/discuss-gnuradio
Re: [Discuss-gnuradio] USRP Structure
On 09/09/2015 08:24 PM, Chris Kuethe wrote: This isn't a relevant concern for general purpose / experimental hardware like bladerf, hackrf, or usrp hanging off a PC. They're intended to be user programmable. If someone roots your box, they can replace your FPGA image, usb, or microcontroller firmware ... but to what end? The platform is already wide open. If you're shipping a product, your regulatory agencies are going to ask you some questions about what you've done to ensure that your equipment only operates in its intended manner. I don't feel like writing a big rant about trying to lock down a general purpose machine. Instead, let me just point you at a whitepaper on secure booting the Zynq. After that, you should read about how ChromeOS (or other mobile platforms) do secure boot and ensure application integrity. I bet if you offered Ettus or Corgan a barrel of money they might be interested in building a secure booted E310. Actually, if you offered me a barrel of money, I'd be all over that project... http://www.xilinx.com/support/documentation/white_papers/wp426-zynq-7000-secure-boot.pdf I will comment, having been involved in the whole TPM thing in the IETF, and in private research, that since there's no way to guarantee correctness, no amount of digitally-signing chains of stuff-we-can't-trust is going to help you. If you think that you have achieved "security" that way, against an adversary who has the device in his/her hands, then you are in a state of sin. Cryptography cannot help you here. You're running up against the halting problem. A machine that "attests" at time (t) that it is notionally "secure" could be notionally cracked all to heck at time(t+1). Until *significant* swaths of software can be automatically "proven to be correct", then none of this "layered attestation" nonsense makes any sense. IMHO, of course, etc, etc, etc. ___ Discuss-gnuradio mailing list Discuss-gnuradio@gnu.org https://lists.gnu.org/mailman/listinfo/discuss-gnuradio
Re: [Discuss-gnuradio] USRP Structure
Since most SDRs out there have fully reconfigurable-by-the-end-user FPGA and firmware images, I don't think the notion of "compromise" has much meaning in this context, further because access to the devices is freely available to ordinary user-level processes, they can ask the radio to do whatever they want. Most SDRs that we discuss here are used in R, and only a very few in "services" where type-acceptance is required. Presumably, in the fullness of time, getting type acceptance would require the integrator to demonstrate some kind of "protection" for the radio. But SDRs as we know them here are just "dumb" components. It's a bit like asking a mixer or RF amplifier or synthesizer to "tamper-proof itself". My personal opinion is that asking general-purpose hardware to enforce some arbitrary notion of regulatory compliance in this area is silly, unproductive, and ultimately doomed to failure, quite apart from the wide-reaching implications for the industry in general. My "day job" is at a company where we "tamper proof" software on general-purpose computers at the behest of the Media Industry. It amounts to building perpetual-motion machines--it cannot be done in the strictest theoretical sense. In a practical sense, you can keep the casually-curious out of your "stack", but you cannot protect against the determined--they have infinite access to the hardware and software, and will eventually find a way around any "safeguards" you put in place. So, in the first instance, the "lockdown" software is utterly unnecessary, and in the second instance, it is woefully inadequate... On 2015-09-09 14:51, Logan Wu wrote: > Hello, > > Recently I read a paper on cognitive radio security (Secure > reconfiguration of software-defined radio). It highlights that the > operating system of cognitive radio node may be compromised as the > malware can exploit software vulnerabilities. I am wondering if the FPGA > and firmware are part of the OS? And can they be compromised during > runtime by malware? > > Thank you, > Logan ___ Discuss-gnuradio mailing list Discuss-gnuradio@gnu.org https://lists.gnu.org/mailman/listinfo/discuss-gnuradio
[Discuss-gnuradio] USRP Structure
Hello, Recently I read a paper on cognitive radio security (Secure reconfiguration of software-defined radio). It highlights that the operating system of cognitive radio node may be compromised as the malware can exploit software vulnerabilities. I am wondering if the FPGA and firmware are part of the OS? And can they be compromised during runtime by malware? Thank you, Logan -- Posted via http://www.ruby-forum.com/. ___ Discuss-gnuradio mailing list Discuss-gnuradio@gnu.org https://lists.gnu.org/mailman/listinfo/discuss-gnuradio