Lpc2000

While lpc2100_fan spoke like any fan would, I must correct a flaw in the 
core premise based on which lpc2000_fan objects to CRP thread:

--- In lpc2000@yahoogroups.com, "lpc2100_fan" <lpc2100_fan@...> wrote:
 > ... so far we got
 > a memory dump of a LPC2104 bootloader, which be no means has any
 > security options according to Philips.
 > This is about as irrelevant as it can be within the LPC2000 family
 > because ALL other members do have a security option.

Check the favourite LPC device with CRP security for Trojans at the ISP 
level itself and experience it for yourself.

If there is any particular part that does not have these Trojans in them, 
please post part number and code versions so that those relying on CRP can 
be properly advised as to which part/versions they should be weary of 
rather than the entire family.

In my LPC2292 (which has CRP feature) revision 1.64:

1/  "G tEsT A" crashes the boot loader.

2/  "T" command does interesting things (Philips does not want you to know 
about).

Is this not sufficient proof that what I found in 2105 applies to other 
part(s) with CRP as well.

Either someone is feeding my clients fake (or rigged) parts, or lpc2000_fan 
got facts wrong.

Jaya

Send instant messages to your online friends http://au.messenger.yahoo.com

Your suspicious G and T commands got an answer in messages
http://groups.yahoo.com/group/lpc2000/message/12267 and
http://groups.yahoo.com/group/lpc2000/message/12234,

you complain Philips doesn't answer, once they answer you ignore it or
doubt it.

I give them the benefit of a doubt, you obviously think you are the
only one here in the forum the REALLY understands what's going on. Not
so! Far from it. I have been working with the LPCs for more than 2
years and there were ups and downs and we were satisfied with the CRP
and still are. The only thing you are achieving that others who
believe in an academic approach not sustained with results that prove
it, get a little paranoid too. 

Commands that are outdated but not removed from programs might not be
the nicest programming style but they are no trojans. A trojans is a
part of a program that enables a backdoor to information. Show us with
all the time you obviously have to spend on this subject that you can
diassemble a one instruction program that is secured and then come
back and talk about it.

Well, as some other were speaking up against your longterm siege of
the forum, I had to let them know there are more that think as they do. 

The posts are a little emotional because we have been quiet and
watching and quiet and watching for almost 8 weeks.

RIP


--- In lpc2000@yahoogroups.com, Jayasooriah <jayasooriah@...> wrote:
>
> While lpc2100_fan spoke like any fan would, I must correct a flaw in
the 
> core premise based on which lpc2000_fan objects to CRP thread:
> 
> --- In lpc2000@yahoogroups.com, "lpc2100_fan" <lpc2100_fan@> wrote:
>  > ... so far we got
>  > a memory dump of a LPC2104 bootloader, which be no means has any
>  > security options according to Philips.
>  > This is about as irrelevant as it can be within the LPC2000 family
>  > because ALL other members do have a security option.
> 
> Check the favourite LPC device with CRP security for Trojans at the ISP 
> level itself and experience it for yourself.
> 
> If there is any particular part that does not have these Trojans in
them, 
> please post part number and code versions so that those relying on
CRP can 
> be properly advised as to which part/versions they should be weary of 
> rather than the entire family.
> 
> In my LPC2292 (which has CRP feature) revision 1.64:
> 
> 1/  "G tEsT A" crashes the boot loader.
> 
> 2/  "T" command does interesting things (Philips does not want you
to know 
> about).
> 
> Is this not sufficient proof that what I found in 2105 applies to other 
> part(s) with CRP as well.
> 
> Either someone is feeding my clients fake (or rigged) parts, or
lpc2000_fan 
> got facts wrong.
> 
> Jaya
> 
> Send instant messages to your online friends
http://au.messenger.yahoo.com
>

Hi,

I just know I'm going to regret adding to this - this thread should 
have been killed off long ago - but I feel I have to add my voice to 
the call "enough".

Out of interest, Jaya, have you even considered ths remotest 
possibility that the reason Philips aren't replying to your 
outstanding question is not becuase they have something to hide, but 
they have absolutely no reason to? In fact, quite the contrary, 
normal commercial practice would more or less dictate that they 
don't. 

Think a bit harder: they've already explained with very reasonable 
sounding logic why the boot loader is the way it is. It's totally 
unreasonable to expect any company to open up details of internal 
implementation details that are hidden for a very good reason. By 
documenting the interface you can make changes without changing the 
documentated interface. If you want to play with undocumented 
features and interfaces, good luck to you. But expecting Philips to 
tell you internal details of what you're reverse engineering is 
bizarre to my way of thinking. Why would they? (The reason why they 
wouldn't by the way, is that they'd have to put resources - as in 
people and cash - into supporting whatever they document).

I can't imagine anyone in Philips wasting a nano-second of their 
time in responding to why the coded the first few instructions of 
the boot loader one way rather than another.

As an analogy:

Joe Engineer approaches Ford and says: you know what, some of those 
cars you make and sell have the potential to spontaneously 
explode. "Really?" says everyone listening: "that's kind of 
interesting! Tell us more". Says Joe: "Well, they're powered by an 
explosive fuel - there's gallons of it. There's plenty of ignition 
sources all over the place. Now I'm sure if you play around enough 
with the juxtonian gaskit, by getting it into the smudgy mode, the 
whole thing might just blow!". "Er, sounds interesting", says the 
others: "any evidence this might happen, Joe". Joe: "Not as such, 
but Ford just won't respond when I ask them why the gaskit is red, 
when I reacon it should be blue". And so it goes.....

Now answer me this: does any sane, non-paranoid, person out there 
think Ford would respond in that cicumstance?

How about it Philips: are you going to answer the man's questions??? 

We wait with baited breath....

Brendan

-- In lpc2000@yahoogroups.com, "lpc2100_fan" <lpc2100_fan@...> wrote:
>
> Your suspicious G and T commands got an answer in messages
> http://groups.yahoo.com/group/lpc2000/message/12267 and
> http://groups.yahoo.com/group/lpc2000/message/12234,
> 
> you complain Philips doesn't answer, once they answer you ignore 
it or
> doubt it.
> 
> I give them the benefit of a doubt, you obviously think you are the
> only one here in the forum the REALLY understands what's going on. 
Not
> so! Far from it. I have been working with the LPCs for more than 2
> years and there were ups and downs and we were satisfied with the 
CRP
> and still are. The only thing you are achieving that others who
> believe in an academic approach not sustained with results that 
prove
> it, get a little paranoid too. 
> 
> Commands that are outdated but not removed from programs might not 
be
> the nicest programming style but they are no trojans. A trojans is 
a
> part of a program that enables a backdoor to information. Show us 
with
> all the time you obviously have to spend on this subject that you 
can
> diassemble a one instruction program that is secured and then come
> back and talk about it.
> 
> Well, as some other were speaking up against your longterm siege of
> the forum, I had to let them know there are more that think as 
they do. 
> 
> The posts are a little emotional because we have been quiet and
> watching and quiet and watching for almost 8 weeks.
> 
> RIP
> 
> 
> --- In lpc2000@yahoogroups.com, Jayasooriah <jayasooriah@> wrote:
> >
> > While lpc2100_fan spoke like any fan would, I must correct a 
flaw in
> the 
> > core premise based on which lpc2000_fan objects to CRP thread:
> > 
> > --- In lpc2000@yahoogroups.com, "lpc2100_fan" <lpc2100_fan@> 
wrote:
> >  > ... so far we got
> >  > a memory dump of a LPC2104 bootloader, which be no means has 
any
> >  > security options according to Philips.
> >  > This is about as irrelevant as it can be within the LPC2000 
family
> >  > because ALL other members do have a security option.
> > 
> > Check the favourite LPC device with CRP security for Trojans at 
the ISP 
> > level itself and experience it for yourself.
> > 
> > If there is any particular part that does not have these Trojans 
in
> them, 
> > please post part number and code versions so that those relying 
on
> CRP can 
> > be properly advised as to which part/versions they should be 
weary of 
> > rather than the entire family.
> > 
> > In my LPC2292 (which has CRP feature) revision 1.64:
> > 
> > 1/  "G tEsT A" crashes the boot loader.
> > 
> > 2/  "T" command does interesting things (Philips does not want 
you
> to know 
> > about).
> > 
> > Is this not sufficient proof that what I found in 2105 applies 
to other 

> > part(s) with CRP as well.
> > 
> > Either someone is feeding my clients fake (or rigged) parts, or
> lpc2000_fan 
> > got facts wrong.
> > 
> > Jaya
> > 
> > Send instant messages to your online friends
> http://au.messenger.yahoo.com
> >
>

Two post-scripts to my previous post (eh?):

1. Apologies for the spelling mistakes.

2. In the interests of following my own advice, I will not be 
commenting further on this topic: I can only hope that others will 
follow the example.

Brendan

--- In lpc2000@yahoogroups.com, "brendanmurphy37" 
<brendan.murphy@...> wrote:
>
> 
> Hi,
> 
> I just know I'm going to regret adding to this - this thread 
should 
> have been killed off long ago - but I feel I have to add my voice 
to 
> the call "enough".
> 
> Out of interest, Jaya, have you even considered ths remotest 
> possibility that the reason Philips aren't replying to your 
> outstanding question is not becuase they have something to hide, 
but 
> they have absolutely no reason to? In fact, quite the contrary, 
> normal commercial practice would more or less dictate that they 
> don't. 
> 
> Think a bit harder: they've already explained with very reasonable 
> sounding logic why the boot loader is the way it is. It's totally 
> unreasonable to expect any company to open up details of internal 
> implementation details that are hidden for a very good reason. By 
> documenting the interface you can make changes without changing 
the 
> documentated interface. If you want to play with undocumented 
> features and interfaces, good luck to you. But expecting Philips 
to 
> tell you internal details of what you're reverse engineering is 
> bizarre to my way of thinking. Why would they? (The reason why 
they 
> wouldn't by the way, is that they'd have to put resources - as in 
> people and cash - into supporting whatever they document).
> 
> I can't imagine anyone in Philips wasting a nano-second of their 
> time in responding to why the coded the first few instructions of 
> the boot loader one way rather than another.
> 
> As an analogy:
> 
> Joe Engineer approaches Ford and says: you know what, some of 
those 
> cars you make and sell have the potential to spontaneously 
> explode. "Really?" says everyone listening: "that's kind of 
> interesting! Tell us more". Says Joe: "Well, they're powered by an 
> explosive fuel - there's gallons of it. There's plenty of ignition 
> sources all over the place. Now I'm sure if you play around enough 
> with the juxtonian gaskit, by getting it into the smudgy mode, the 
> whole thing might just blow!". "Er, sounds interesting", says the 
> others: "any evidence this might happen, Joe". Joe: "Not as such, 
> but Ford just won't respond when I ask them why the gaskit is red, 
> when I reacon it should be blue". And so it goes.....
> 
> Now answer me this: does any sane, non-paranoid, person out there 
> think Ford would respond in that cicumstance?
> 
> How about it Philips: are you going to answer the man's 
questions??? 
> 
> We wait with baited breath....
> 
> Brendan
> 
> -- In lpc2000@yahoogroups.com, "lpc2100_fan" <lpc2100_fan@> wrote:
> >
> > Your suspicious G and T commands got an answer in messages
> > http://groups.yahoo.com/group/lpc2000/message/12267 and
> > http://groups.yahoo.com/group/lpc2000/message/12234,
> > 
> > you complain Philips doesn't answer, once they answer you ignore 
> it or
> > doubt it.
> > 
> > I give them the benefit of a doubt, you obviously think you are 
the
> > only one here in the forum the REALLY understands what's going 
on. 
> Not
> > so! Far from it. I have been working with the LPCs for more than 
2
> > years and there were ups and downs and we were satisfied with 
the 
> CRP
> > and still are. The only thing you are achieving that others who
> > believe in an academic approach not sustained with results that 
> prove
> > it, get a little paranoid too. 
> > 
> > Commands that are outdated but not removed from programs might 
not 
> be
> > the nicest programming style but they are no trojans. A trojans 
is 
> a
> > part of a program that enables a backdoor to information. Show 
us 
> with
> > all the time you obviously have to spend on this subject that 
you 
> can
> > diassemble a one instruction program that is secured and then 
come
> > back and talk about it.
> > 
> > Well, as some other were speaking up against your longterm siege 
of
> > the forum, I had to let them know there are more that think as 
> they do. 
> > 
> > The posts are a little emotional because we have been quiet and
> > watching and quiet and watching for almost 8 weeks.
> > 
> > RIP
> > 
> > 
> > --- In lpc2000@yahoogroups.com, Jayasooriah <jayasooriah@> wrote:
> > >
> > > While lpc2100_fan spoke like any fan would, I must correct a 
> flaw in
> > the 
> > > core premise based on which lpc2000_fan objects to CRP thread:
> > > 
> > > --- In lpc2000@...m, "lpc2100_fan" <lpc2100_fan@> 
> wrote:
> > >  > ... so far we got
> > >  > a memory dump of a LPC2104 bootloader, which be no means 
has 
> any
> > >  > security options according to Philips.
> > >  > This is about as irrelevant as it can be within the LPC2000 
> family
> > >  > because ALL other members do have a security option.
> > > 
> > > Check the favourite LPC device with CRP security for Trojans 
at 
> the ISP 
> > > level itself and experience it for yourself.
> > > 
> > > If there is any particular part that does not have these 
Trojans 
> in
> > them, 
> > > please post part number and code versions so that those 
relying 

> on
> > CRP can 
> > > be properly advised as to which part/versions they should be 
> weary of 
> > > rather than the entire family.
> > > 
> > > In my LPC2292 (which has CRP feature) revision 1.64:
> > > 
> > > 1/  "G tEsT A" crashes the boot loader.
> > > 
> > > 2/  "T" command does interesting things (Philips does not want 
> you
> > to know 
> > > about).
> > > 
> > > Is this not sufficient proof that what I found in 2105 applies 
> to other 
> > > part(s) with CRP as well.
> > > 
> > > Either someone is feeding my clients fake (or rigged) parts, or
> > lpc2000_fan 
> > > got facts wrong.
> > > 
> > > Jaya
> > > 
> > > Send instant messages to your online friends
> > http://au.messenger.yahoo.com
> > >
> >
>

Good try Brendan, but not good enough.  Look at the arguments, and if you 
cannot fault the argument, just accept it rather than faulting the person 
who puts forward the argument.

--- In lpc2000@yahoogroups.com, "brendanmurphy37" <brendan.murphy@...> wrote:
 > One final point, Jaya, you've implied that you work as an academic:
 > are you willing to say where? 

Send instant messages to your online friends http://au.messenger.yahoo.com

I like to point out to Brendan that my argument does (and should) not 
become any stronger (or weaker) by virtue of who I am.  This is not how 
forums work.

[I know for a fact that there are participants here who are more qualified 
and have more experience than I, but who participate using pseudonyms for 
good reasons.]

--- In lpc2000@yahoogroups.com, "brendanmurphy37" <brendan.murphy@...> wrote:
 > A set of "facts" that may or may not be
 > either true or relevant does not an argument make.

If there are any "facts" (F1 through F5) that are not true, or not relevant 
for that matter, please point this out.

 > I think Philips are right not to expose details of their IC's internals
 > to an open forum, or to comment further.

I stated this clearly in two places in my assessment, and my assessment was 
made taking this "proprietary" argument into consideration.

 > If you can't get the degree of re-assurance you feel you need, either
 > based on publicly available information, or through an NDA with
 > Philips, then you can make your own mind up and go elsewhere.

I am not seeking any assurance.  I simply made an assessment, as I 
routinely do for clients in the course of my work.  It so happens I chose 
to share one of these (with the client's permission) here in response to 
battering from certain quarters.

 > There's
 > little point though in berating them continuously on this forum when
 > they've absolutely no reason to respond further.

The purpose of the assessment is not to berate Philips.  If what you say is 
right, there is little point in posting in this forum an opinion that is 
not flattering to Philips.  As an independent I prefer to call it as it is 
without fear or favour.

 > As I said, I think
 > you're doing yourself no good at all in persisting:

With due respect, please get your facts right.  I am not the one 
persisting.  I was simply responding to a an open question from another 
poster.  I think Philips has responded as well as it could under the 
circumstances.

It is their responses (and not my questions) that undermines (or 
strengthens) their claims.

Jaya

Send instant messages to your online friends http://au.messenger.yahoo.com

--- In lpc2000@yahoogroups.com, Jayasooriah <jayasooriah@...> wrote:
>
> I like to point out to Brendan that my argument does (and should) 
not 
> become any stronger (or weaker) by virtue of who I am.  This is not 
how forums work.
> 

Maybe in an ideal world our points would be accepted at face value, 
but the reality is different. How the points are made, and who makes 
them will always influence the value people place on them. A simple 
example: I'd suggest that a post by a Philips employee to this forum 
carries a lot more weight than one by some anonymous contributor. 

Whether it deserves any more weight is of course a different question!

> --- In lpc2000@yahoogroups.com, "brendanmurphy37" <brendan.murphy@> 
wrote:
>  > A set of "facts" that may or may not be
>  > either true or relevant does not an argument make.
> 
> If there are any "facts" (F1 through F5) that are not true, or not 
relevant 
> for that matter, please point this out.
> 

I deliberately chose not to do a point-by-point comment on your own 
analysis as I believe that it is based on a flawed premise, namely 
that you can produce a valid analysis of a system for security flaws 
based on making assumptions and suppositions about its internal 
structure. By countering the points, I implicitely accept the 
premise. However, to give one example (T3/C1 in message 
13287): "Explanation of the "T" and "G" test features that made their 
way to the field does point to absence (or failure) of processes 
and/or measures that ensure quality of boot loader". This is a 
supposition on your part, not a fact. The fact is, as Philips have 
confirmed, that there are commands in the boot loader that are used 
for manufacturing and test. This is quite normal: most complex 
electronic parts and systems have similar test and diagnostic modes 
that are undocumented (with good reason). If you could show a 
mechanism of how the existence of these commands might compromise CRP 
then fair enough. In this case the "fact" you quote is both incorrect 
and irrelevant. I'd accept a point about lack of processes to ensure 
quality if you or someone else had conducted an audit of those 
processes, but you haven't claimed to have done this. 

The burden of proof on someone making a claim is on the person making 
the claim. 

The same goes for other suppositions, such as the claimed non-
standard startup sequence of the boot-loader. You have presented no 
evidence whatsoever that this has anything to do with CRP issues 
(chances are it hasn't), much less that it is somehow an effort to 
overcome some (unspecified) threat mechanism.

>  > If you can't get the degree of re-assurance you feel you need, 
either
>  > based on publicly available information, or through an NDA with
>  > Philips, then you can make your own mind up and go elsewhere.
> 
> I am not seeking any assurance.  I simply made an assessment, as I 
> routinely do for clients in the course of my work.  It so happens I 
chose 
> to share one of these (with the client's permission) here in 
response to 
> battering from certain quarters.

I was making a general not a personal point (i.e. the choice faced by 
any customer): if you're not happy with publicly available 
information, ask the vendor. If your still not happy, even with 
additional information that may be provided under NDA, then go 
elsewhere. I take your point, though (i.e. if you're not qualified to 
form a view on the acceptability of a product feature, then get some 
expert advice). The fact that not everyone agrees with a particular 
assessment is not exactly surprising.

> 
>  > There's
>  > little point though in berating them continuously on this forum 
when
>  > they've absolutely no reason to respond further.
> 
> The purpose of the assessment is not to berate Philips.  If what 
you say is 
> right, there is little point in posting in this forum an opinion 
that is 
> not flattering to Philips.  As an independent I prefer to call it 
as it is 
> without fear or favour.
> 

I'm sure your purpose isn't to berate Philips. However, the effect of 
continuously claiming that they somehow have questions to answer, 
knowing full well that they are unlikely to answer the ones posed 
(with very good reasons), is precisely that.

> It is their responses (and not my questions) that undermines (or 
> strengthens) their claims.

I think we'll just have to agree to differ on this one. I don't 
believe there is anything sinister or deliberately misleading in the 
answers Philips have provided to date. I'd be fairly sure though that 
the reason there's been no further comment is that there's a 
realisation in Philips that (a) it will suck up considerable 
resources just to provide the answers and, more importantly (b) some 
people will never be satisfied: it'll become a full time job, with 
absolutely no payback. 

Now, speaking of resources, I can't afford to spend any more time on 
this discussion (apart from the fact it has bored the pants off  
and/or annoyed many people). I'd suggest we close it now. I know this 
isn't the first time this has been suggested, and in fact I stated 
before I wouldn't contribute further, but I promise to follow my own 
advice this time. If you or someone else wants to post a final 
response to this to have a final say, then fair enough, but I 
absolutely promise not to respond.

Best regards

Brendan

Brendan, I have asked you twice and twice you have not been able to point 
out which of the facts (F1-F5) you consider not true or not relevant in 
making the remark "A set of 'facts' that may or may not be either true or 
relevant does not an argument make."

You do not have to concur with my analysis.  There are those who do and 
there are those who dont, and there is nothing unusual about their 
distribution.

Better kill the thread so Robert (of Philips) does not get too frustrated ...

--- In lpc2000@yahoogroups.com, "brendanmurphy37" <brendan.murphy@...> wrote:

 > > If there are any "facts" (F1 through F5) that are not true, or not
 > relevant
 > > for that matter, please point this out.
 > >
 >
 > I deliberately chose not to do a point-by-point comment on your own
 > analysis ...

Send instant messages to your online friends http://au.messenger.yahoo.com