Jump to content

TPM, and an Idea that i thought might stick


13 posts in this topic

Recommended Posts

As I understand it Infineon makes the TPM chips for Apple. So I had a simple idea, assuming one had the same or similar infineon TPM chip would it possible to flash your TPM chip withe rom of one from lets say the MBP or maybe the dev kit, seeing as they were bios based?

 

http://www.infineon.com/cgi-bin/ifx/portal...ageTypeId=17099

 

the TPM chip seems very flashable, they have an entire kit dedicated to dumping and flashing it, plus it even has like an extra 1.5k user space.

 

Maybe this might help someone in hacking, imagine if all you had to do was instead of using an EFI bootloader, using a bios one, OSX86 hacking would be trival : ).

 

I hope this is not too crazy, just the idea.

Link to comment
Share on other sites

Apple with signs it's TPM chips with it's secret "endorsement" key and we do not have it (yet?). I think the flashing TPM chips might only be possible when they are actually manufactured.

 

However, if we managed to start using EFI and had Apple's "endorsement" key, I think I could be possible to construct a piece of EFI firmware to simulate an Apple TPM chip so that no hacking would be required to run OSx86.

Link to comment
Share on other sites

Apple with signs it's TPM chips with it's secret "endorsement" key and we do not have it (yet?). I think the flashing TPM chips might only be possible when they are actually manufactured.

 

However, if we managed to start using EFI and had Apple's "endorsement" key, I think I could be possible to construct a piece of EFI firmware to simulate an Apple TPM chip so that no hacking would be required to run OSx86.

 

 

Do you think firmware is required? i am hoping the current bios hacking method will work, DTK style. Also anyone actually trying this on there mbp, mini, imac,etc? I maybe simpler then one think. If only i had one

Link to comment
Share on other sites

Apple with signs it's TPM chips with it's secret "endorsement" key and we do not have it (yet?). I think the flashing TPM chips might only be possible when they are actually manufactured.

 

However, if we managed to start using EFI and had Apple's "endorsement" key, I think I could be possible to construct a piece of EFI firmware to simulate an Apple TPM chip so that no hacking would be required to run OSx86.

 

*laughs*

 

What a ridiculous theory. An EFI module won't ever fully substitute for a TPM chip, keep dreaming.

Link to comment
Share on other sites

*laughs*

 

What a ridiculous theory. An EFI module won't ever fully substitute for a TPM chip, keep dreaming.

 

 

i think what he was saying was that if a mobo had a TPM chip,See3 and firmware that is of the right type, then by moding your TPM with apples key, then you could just boot the apple CD no muss no fuss : )

Link to comment
Share on other sites

Really? Why is it not possible to simulate a TPM chip in EFI?

 

Because I doubt EFI has the capability to handle such a task. EFI is called when the system is powered on and booted and isn't really used again after that, the OS takes over.

 

In order for the simulated TPM chip to work, it would have to be running constantly, and I would bet that it would have a significant load on the system anyway. That and the fact that the true specs on how the TPM runs down to the bits it runs off of aren't available and would most certainly be required in order to create such a simulation.

 

One more thing is that Apple's EFI is a custom EFI and with very little documentation, if any, which is going to definitely cause problems with creating EFI modules that will fully function.

 

I'm not saying it COULDN'T be done... but I highly doubt it could, at least just with EFI. The TPM is a piece of hardware. Emulating the TPM would be a significant load for the system and would probably be outside of the ability of EFI in the first place. Think for a moment about the slowdown experienced when emulating other systems. Pretty significant processor load for most emulation. Hell, even Dosbox uses a good chunk of CPU and we're talking about an ancient history OS here. EFI was not built to emulate hardware and I'm truly doubting that it can be done at this time without some serious penalty somewhere down the line.

 

Also, why put so much effort into this when all Apple will have to do to break it is release a firmware update with Leopard that breaks the ability to interface with EFI in any way? That would be a lot of time down the drain. We've seen with OS X how changing just a few bits in the code requires a completely new solution to be made and utilized to maintain operability of the OS.

 

Either way, until EFI becomes widespread and is utilized by modern PC OSes other than OS X, we're not going to be able to do anything anyway. Hopefully by then, some other way of getting past the TPM will be found.

 

Honestly though, the currently decryption method works perfectly fine and therefore I don't see a reason to change it at this time. There's too much work involved in such an endeavor as this and I fear it would be work that would be all for naught in the end.

 

 

Of course, if you can prove me wrong, by all means I'm open to your ideas. I'm just trying to give a little constructive criticism. EFI can't be so much more advanced than BIOS that it would have the capability to run a TPM emulator - there's really no need for that kind of power.

 

Also, keep in mind that the TPM IS an encryption device. Its a specialized chip that is great for its purpose - but PC chips are much more rounded than that and think about how long it takes to encrypt a file in Windows via software. Now imagine a 10x+ performance hit from using a TPM emulator - and that's a low estimate in my mind.

Link to comment
Share on other sites

Anyway, hot fast do you think that TPM chip can be? You have a state-of-the art 3GHz processor. What makes you think that TPM is MUCH faster than this?

 

The TPM chip is a specialized device for a specific purpose, the PC processor is not. Its the same argument as running Cell chips in PCs... they do quite well for consoles but would be terrible in a computer environment.

Link to comment
Share on other sites

  • 1 year later...

So if I am correct from reading this the TPM on non-apple computers is not the same as the TPM that apple uses... correct?

 

Does the apple TPM module allow users to encrypt their data as well or is it limited to just ensuring that a machine is authentic apple?

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...