Re: [Discuss-gnuradio] USRP Structure

[Marcus D. Leech]

On 09/09/2015 08:24 PM, Chris Kuethe wrote:
> This isn't a relevant concern for general purpose / experimental
> hardware like bladerf, hackrf, or usrp hanging off a PC. They're
> intended to be user programmable. If someone roots your box, they can
> replace your FPGA image, usb, or microcontroller firmware ... but to
> what end? The platform is already wide open.
>
> If you're shipping a product, your regulatory agencies are going to
> ask you some questions about what you've done to ensure that your
> equipment only operates in its intended manner. I don't feel like
> writing a big rant about trying to lock down a general purpose
> machine. Instead, let me just point you at a whitepaper on secure
> booting the Zynq. After that, you should read about how ChromeOS (or
> other mobile platforms) do secure boot and ensure application
> integrity.
>
> I bet if you offered Ettus or Corgan a barrel of money they might be
> interested in building a secure booted E310. Actually, if you offered
> me a barrel of money, I'd be all over that project...
>
> http://www.xilinx.com/support/documentation/white_papers/wp426-zynq-7000-secure-boot.pdf
I will comment, having been involved in the whole TPM thing in the IETF, 
and in private research, that since there's no way to guarantee correctness,
  no amount of digitally-signing chains of stuff-we-can't-trust is 
going to help you.  If you think that you have achieved "security" that 
way, against
  an adversary who has the device in his/her hands, then you are in a 
state of sin.  Cryptography cannot help you here.  You're running up against
  the halting problem.  A machine that "attests" at time (t) that it is 
notionally "secure" could be notionally cracked all to heck at time(t+1).

Until *significant* swaths of software can be automatically "proven to 
be correct", then none of this "layered attestation" nonsense makes any 
sense.

IMHO, of course, etc, etc, etc.