Nowadays performance or BOM cost is not a huge issue, favor more powerful components if you can update them more easily. (3/4)
With the correct code failsafes these can be detected and prevented or made extremely hard, in the safety world this is routine.
-
-
We demonstrated (@
#hwio17 & FDTC) a FI attack that yields code exec and entirely bypasses FI mitigations in SW, including failsafe checks. -
I am well aware of your (spectacular) research :), but I would still argue that for most use cases a smartcard is not intrinsically better.
-
On that point (& many others) I agree with you. It boils down on the threat model and the kind of attacks/attackers you're defending from.
End of conversation
New conversation -
-
-
I agree that proper software mitigations may help. But vastly expanding the hardware attack surface is a dangerous move in many cases
-
Well "vastly" is such a relative concept here, also quality and not just quantity matters for exposed attack surface ;).
-
I hope to see an affordable barebones open source FPGA, with a proper secure boot and trusted bitstream mgmt. That may address our concerns
End of conversation
New conversation -
-
-
Personally, I would rather my digital ID card has a smart card, but not an SoC.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.