IoT devices are already getting owned at staggering rates. Adding a learning model that currently cannot be secured is absolutely going to happen, and going to cause a whole new large batch of breaches.
A processor that isn’t Turing complete isn’t a security problem like the TPM you referenced. A TPM includes a CPU. If a processor is Turing complete it’s called a CPU.
Is it Turing complete? I don’t know. I haven’t seen block diagrams that show the computational units have their own cpu.
CPUs also have silicon to speed up floating point operations. That doesn’t necessarily make it a security problem.
The dedicated TPM chip is already being used for side-channel attacks. A new processor running arbitrary code would be a black hat’s wet dream.
It will be.
IoT devices are already getting owned at staggering rates. Adding a learning model that currently cannot be secured is absolutely going to happen, and going to cause a whole new large batch of breaches.
The “s” in IoT stands for “security”
Do you have an article on that handy? I like reading about side channel and timing attacks.
TPM-FAIL from 2019. It affects Intel fTPM and some dedicated TPM chips: link
The latest (at the moment) UEFI vulnerability, UEFIcanhazbufferoverflow is also related to, but not directly caused by, TPM on Intel systems: link
That’s insane. How can they be doing security hardware and leave a timing attack in there?
Thank you for those links, really interesting stuff.
It’s not a full CPU. It’s more limited than GPU.
That’s why I wrote “processor” and not CPU.
A processor that isn’t Turing complete isn’t a security problem like the TPM you referenced. A TPM includes a CPU. If a processor is Turing complete it’s called a CPU.
Is it Turing complete? I don’t know. I haven’t seen block diagrams that show the computational units have their own cpu.
CPUs also have silicon to speed up floating point operations. That doesn’t necessarily make it a security problem.