Yahoo Groups archive

Lpc2000

Index last updated: 2026-04-28 23:31 UTC

Message

Re: [lpc2000] Silly and irresponsible title Re: CRP exploits using JTAG

2006-02-09 by Don Williams

Heenan,
We others, who also have half abrain,  appreciate the energy in this
examination and hope it proves that we all KNOW such security is tight, but
we embrace those who have the energy to question - and that of others who
with detailed rebuttal prove we are safe with a chippie we all respect -or
we wouldnt be here.

May I and others who understand no chip of this complexity can have ZERO
BUGS offer our respect, affection and support for the designers who struggle
to produce good silicon - and to others who perform exhaustive and publicly
published testing of same. And Im sure the testers - who have more than half
a brain in my analysis, also have respect and affection for the designers.
The Ying and the Yang.
Like democracy we debate and through our debate we build something stronger.
We share our minds.

So stuff ur religious politics up your Kwazoo - and pass it on to G W Bush.

Europe will be stronger, because wider separated minds will share a wider
experience.
Provided we debate.
Religion tries to make all minds the same and those societies who weaken to
religion will wane.

SO QUESTION  REALITY ... analyse ur lovin..as the song goes ...you may
appreciate it more ... or get something better quicker....

Rgds to all this sunny morn from downunder.

DonW






----- Original Message ----- 
From: "John Heenan" <l10@...>
To: <lpc2000@yahoogroups.com>
Sent: Friday, February 10, 2006 12:24 AM
Subject: [lpc2000] Silly and irresponsible title Re: CRP exploits using JTAG


> Still nothing concrete or specific.
>
> It is irresponsible to carry on a thread implying there are CRP
> exploits using JTAG
>
> For those with an elementary knowledge of microcontroller
> architecture it is easy to understand that on reset a signal can be
> raised that blocks debug break signals from JTAG and that this
> blocking action will require a specific action to clear. This might
> be called a very effective 'child proof' lock.
>
> It is extraordinarily bad form to imply in a title that CRP exploits
> with JTAG exist. Many will not read beyond the subject title.
>
> I have said this before and I will say it again. What is the real
> agenda?
>
> John Heenan
>
>
>
> --- In lpc2000@yahoogroups.com, Jayasooriah <jayasooriah@...> wrote:
> >
> > I would not assume CRP is safe just because nobody has posted a
> JTAG
> > exploit in this forum.  I would enumerate threats, then assess each
> threat
> > in terms of risks and costs.  Putting your product in student
> laboratories
> > is a very different ball game to sending them out to some country
> that does
> > not have enforceable copyright laws.
> >
> > IMO, JTAG window has too large an attack surface area to consider
> it safe
> > for most (if not all) of the requirements I have had to evaluated.
> Adding
> > to this, the fact that boot loader code is closed and comes with no
> > certification of any kind makes CRP no more than "child proofing"
> as one
> > poster put it.
> >
> > Regards
> >
> > Jaya
>
>
>
>
>
>
>
>
>
> Yahoo! Groups Links
>
>
>
>
>
>
>

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.