log☇︎
253000+ entries in 0.161s
mircea_popescu: asciilifeform then again the next one... 5c 7f 11 22
asciilifeform: observe that the exponents are 01 00 01 00 00 .......
kmalkki: where exactly do you see the even number
asciilifeform: http://btcbase.org/log/2016-10-04#1552874 << evidently not, they are not functions of the exponent or modulus (they stay constant across variations in both of the latter) ☝︎
asciilifeform: otherwise, in the case of the 1st one seen here, http://wotpaste.cascadianhacker.com/pastes/wv3x3/?raw=true , it would be even?!
asciilifeform: kmalkki: this would suggest that the modulus is stored big-endian ?!
mircea_popescu: what is a socialist state ? why, any state that purports to hold individual rights hostage to imaginary "rights of society".
mircea_popescu: l, y particularmente del nuestro, según reza con toda claridad su propio preámbulo."
mircea_popescu: in entirely unrelated nonlulz, "Todos los derechos individuales reconocidos y consagrados por la Constitución Nacional están sujetos a las limitaciones o modificaciones que los derechos de la sociedad imponen, es decir, a un poder de reglamentación con fines de conveniencia social y seguridad común, como que el bienestar y prosperidad general es precisamente uno de los primordiales objetivos de todo estatuto constituciona
kmalkki: note that RtmPubSigned.key[0x14..0x23] == AmdPubKey.bin[0x04..0x13]
asciilifeform: in all of the keys.
asciilifeform: mircea_popescu: i just verified, indeed, they left a 2048-bit long chunk of bits for the 65537 to live in !
asciilifeform: kmalkki: how did you determine the fact about the sha256 at boot ?
asciilifeform: it was interesting, but does not help with the crippled psp.
asciilifeform: kmalkki: https://events.ccc.de/congress/2014/Fahrplan/system/attachments/2503/original/ccc-final.pdf << these ?
asciilifeform: perhaps it was simply to trace leaks.
asciilifeform: if it reduces to the same thing, given lack of revocation mechanism
asciilifeform: though it raises the question of why they would not simply share their master key with the OEMs then
asciilifeform: that would appear to be so
kmalkki: they don't if there is only single SHA-256 fused in PSP bootrom for their public key?
kmalkki: and then OEM can sign their firmware without bothering AMD for every build
kmalkki: the idea behind all this, is OEM can send their public key to AMD to be signed
asciilifeform: ah thx
asciilifeform: do you happen to know the format ?
asciilifeform: kmalkki: something is strange. the format appears to be little-endian, but if we look at some of the pubkeys in http://wotpaste.cascadianhacker.com/pastes/k081w/?raw=true , they would appear to be EVEN
asciilifeform: any idea whether the latter are derived from the modulus ?
asciilifeform: 0x01...0x03 seems to be a constant, 1. but what's 0x04..0x38.. ?
asciilifeform: kmalkki: if it is an rsa key, i would like to get it into phuctor.
asciilifeform: mircea_popescu: narrows the space, yes.
mircea_popescu: why ? you don't care what you iterate over ; whatever format it may be you iterate that.
asciilifeform: mircea_popescu: pubkey-with-header, presumably, so i'd like to know 1) where is the modulus 2) is there checksum etc.
asciilifeform: (i.e. if the collision needs to be a turd in a similar format)
asciilifeform: mircea_popescu: can be pretty expensive if there is any structure checking
mircea_popescu: that's not terribly expensive.
asciilifeform: kmalkki: so all we need is a collision to break the thing ?
mircea_popescu: "we found this abundant shit we dunno what to do with." "add it to tap water."
mircea_popescu: YOU CAN ADD IT T O TAP WATER
mircea_popescu: finally a use for all that plastic sludge in the pacific.
asciilifeform: you add short polymer chains, they 'drag', so to speak, the water.
asciilifeform: the sea, lol, but apparently it is possible to 'lubricate' tapwater, reduces vorticing and friction loss. discovered in '70s in su, iirc, never used for anything.
mircea_popescu: lubricate the sea, lower transportation costs, save the environment!
asciilifeform: https://github.com/coreboot/coreboot/blob/master/util/amdfwtool/amdfwtool.c << this appears to show where it ends up sitting down in the coreboot flash image, but not the format.
deedbot: http://qntra.net/2016/10/after-recent-leak-north-sea-lubricated-to-spec-per-bps-assessment/ << Qntra - After Recent Leak North Sea Lubricated To Spec Per BP's Assessment
adlai orders probe & lurks until he has something more useful to contribute than yesterday's babble
kmalkki: I believe I know the key format, 1 min
asciilifeform: kmalkki: do you perchance know the format of the amd public keys seen here : http://btcbase.org/log/2016-10-04#1552732 ( from coreboot dist ) ☝︎
asciilifeform: but no, i don't have access to any amd members-only whatevers.
asciilifeform: (or rather, that it was not in any of the public datashits.)
asciilifeform: kmalkki: i know that it is in the private one, yes.
jhvh1: shinohai: The operation succeeded.
shinohai: !~later tell BingoBoingo http://ix.io/1t65
kmalkki: it has been removed from the public BKDG
kmalkki: I just found the HDT debug support in the NDAd BKDG
asciilifeform: if you would like to post them publicly, send them pgp-encrypted to any of the folks here.
asciilifeform: kmalkki: but the other prong of this is your apparent discovery that new g-series boards disable hdt somehow
kmalkki: do you have access to AMD BKDG documents?
asciilifeform: so that folks do not need to rely on the extinct smartprobe and can make own debugger (the pinout is public)
asciilifeform: kmalkki: now more interestingly, hdt is simply a protocol on top of jtag, imho the main scientific interest in the smartprobe fw would be to extract the protocol.
asciilifeform: kmalkki: the stellaris arm also had jtag pins, handily brought out to pcb, as seen here, http://www.loper-os.org/pub/sage/test_points.jpg , i plugged it into a busblaster and eventually stepped through the execution from reset to where it checked the serial.
asciilifeform: kmalkki: ida happily eats the update payload.
PeterL: the question I have, is lamport-achute any easier for people to understand if written in python than in bash?
kmalkki: I chose the smallest raw binary, SmartUpdater to experiment with
trinque: other times, vintage gpg, complete deps for trb, all sorts of things
a111: Logged on 2016-10-04 15:36 asciilifeform: ACHTUNG, PANZERS! pc engines 'apu2' (the board with the intel nics - vs. 'apu1', with realtek) , turns out, is crippled, hdt probe barfs with it, the cpu is reputed to have a drm fuse set.
asciilifeform: kmalkki: http://btcbase.org/log/2016-10-04#1552690 << here's what you missed re thread. ☝︎
mircea_popescu: what can i tell you.
mircea_popescu: maybe the privkey is in mask rom ?
asciilifeform: (what prevents the substitution of another pubkey ?)
asciilifeform: i would think it would be in mask rom.
asciilifeform: mircea_popescu: is it just me or is it a strange thing that the pubkey is in there at all.
shinohai: GiveMe5: do this !!register http://wotpaste.cascadianhacker.com/pastes/gcygb/?raw=true
a111: Logged on 2016-10-03 23:46 mircea_popescu: think about it.
ben_vulpes: http://btcbase.org/log/2016-10-03#1552224 << thought about it, now understand ☝︎
BingoBoingo: Anyways this seems to be the way the Republic's eye works. Jools are hiding in plain sight unseen. Republican eye turn upon them for unrelated bsns. Jools get got.
ben_vulpes: jurov: thanks, that'd be one of those 'glaring oversights'
BingoBoingo: Why wouldn't they give it away? Sony did.
mircea_popescu: esp as this is >1 year old by now. foss right, many eyes ?
mircea_popescu: i somehow can;t believe they just gave away the key.
asciilifeform: it is the key format that interested me.
asciilifeform: nobody is that stupid.
mircea_popescu: the privexp doesn't seem to be used/referenced in that code snippet though.
asciilifeform: but i cannot presently believe that the 'd' (private exponent) is actually in there.
asciilifeform: realize, if we know the private exponent, we can demolish the N.
mircea_popescu: how is rsa supposed to work with different exponents ?
mircea_popescu: no there it is, line 839
asciilifeform: (unless they made an entirely other one for x86)
asciilifeform: https://android.googlesource.com/platform/hardware/samsung_slsi/exynos5/+/master/libkeymaster/tlcTeeKeymaster_if.c#831 << possibly the key format.
asciilifeform: will offload part of AGESA to the PSP, making memory init even part of the PSP :(' -- https://www.coreboot.org/Binary_situation .
asciilifeform: 'PSP: The Cortex A8 running trustzone firmware, implemented from family 15h model 60h (Carrizo) and family 16h model 30h (Mullins) and up. It is running Trustonic TEE OS licensed by AMD. PSP Boot ROM runs *before* x86 core. Then non-bootrom PSP parts are stored (zlib-compressed) in the main flash. Bypass mechanism available via strap pin, but dummy and AMD signed bypass binaries needs to be always run. It is expected that newer CPUs
mircea_popescu: "Features and fixes: 1. ENH466357: Reduce PSP/SMN clock back to 300 MHz as a temporarily workaround for eCZ B10/A10 fused parts." eh, what am i looking at here ?
asciilifeform: i'd like to get their pubkey into phuctor, but it is in some peculiar format. (if somebody can discern a modulus in there, please write in.)
asciilifeform: so these are what run on the apu2.
mircea_popescu: ah, but to trust this ?
asciilifeform: no need to extract, it is right there !
asciilifeform: 'AMD’s PSP is based around a single 32-bit ARM Cortex-A5, with its own isolated ROM and SRAM but has access to system memory and resources. It contains logic to deal with the x86 POST process but also features a cryptographic co-processor.' << they stuffed, finally, their 'fritz chip', into the g-series.
asciilifeform: ACHTUNG, PANZERS! pc engines 'apu2' (the board with the intel nics - vs. 'apu1', with realtek) , turns out, is crippled, hdt probe barfs with it, the cpu is reputed to have a drm fuse set. ☟︎☟︎☟︎☟︎☟︎☟︎☟︎☟︎☟︎
jurov: nevermind, seems i misread the code
trinque: so this is what happens when you invert the dakka
mircea_popescu: in other lulz, http://www.larrycollinsfineart.com/arsenault/John%20Arsenault%20-Patriotic%20Overload,%202001%20c-print.jpg (notice the toes.)
PeterL: off to a meeting, bbl