Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday November 06 2019, @04:23PM   Printer-friendly
from the trust-must-be-earned dept.

Arthur T Knackerbracket has found the following story:

OpenTitan – an open-source blueprint for a Root of Trust (RoT) system-on-chip based on RISC-V and managed by a team in Cambridge, UK – was teased by Google along with several partners today.

Hardware RoT is a means of verifying the firmware and system software in a computing device has not been tampered with, enabling features such as secure boot. Hardware RoT can also verify the integrity and authenticity of software updates, and prevent a system from being rolled back to an earlier version with known vulnerabilities. It is the lowest-level security piece in a trustworthy system.

But can you trust the RoT itself? The goal of OpenTitan is to provide an open-source design for RoT silicon so that it is (as far as possible) open for inspection.

The OpenTitan SoC will use the RISC-V open-source CPU instruction set architecture, and will be managed by lowRISC, a nonprofit in Cambridge, which has "an open-source hardware roadmap in collaboration with Google and other industry partners," we're told.

Today's announcement comes from Google, Western Digital, the ETH Zurich university, chip maker Nuvoton Technology, and friends.

The Apache 2.0-licensed OpenTitan SoC will include the lowRISC Ibex microprocessor design, cryptographic coprocessors, a hardware random-number generator, volatile and non-volatile storage, IO peripherals, and additional defensive mechanisms. It can be used in any kind of device, from servers and smartphones to Internet-of-Things gadgets.

-- submitted from IRC


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Interesting) by captain normal on Wednesday November 06 2019, @05:04PM (5 children)

    by captain normal (2205) on Wednesday November 06 2019, @05:04PM (#916870)

    What if you want to root your phone? Or your computer, or your IOT devices? A lot of us have rooted our devices just to get rid of OEM crapware. I guess if it's really open source maybe we can still hack to improve our own devices...or will we be able to?

    --
    When life isn't going right, go left.
    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 2) by takyon on Wednesday November 06 2019, @05:15PM (1 child)

    by takyon (881) <reversethis-{gro ... s} {ta} {noykat}> on Wednesday November 06 2019, @05:15PM (#916875) Journal

    "We'll see."

    My guess is that it would never be used in any smartphone except something niche like PinePhone or a crowdfunded phone.

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
    • (Score: 0) by Anonymous Coward on Wednesday November 06 2019, @06:51PM

      by Anonymous Coward on Wednesday November 06 2019, @06:51PM (#916910)

      That 'non-volatile storage' they mention will have a stage0 bootloader permanently fused into it, like the bootblocks in most ARM SoCs and that per device signatures and checksum/signing of all running code will be required on next generation software and media.

      Long story short; This will be the end of open computing even if every piece of hardware and every piece of software is 'open source', because 'blank' Trust chips will be unavailable to all but the moneyed few.

  • (Score: 2) by darkfeline on Thursday November 07 2019, @06:44AM (2 children)

    by darkfeline (1030) on Thursday November 07 2019, @06:44AM (#917227) Homepage

    What if your maid wants to root your phone? Root == compromise. Instead of buying a device just to compromise it, why not secure it with your own trusted key? This allows you to do that.

    --
    Join the SDF Public Access UNIX System today!
    • (Score: 2) by captain normal on Thursday November 07 2019, @06:52PM (1 child)

      by captain normal (2205) on Thursday November 07 2019, @06:52PM (#917431)

      First of all if you have a maid, you are likely living way above my pay grade. I do not find it demeaning to help clean up around the house, do laundry, wash dishes, cook or serve meals. If you do have servants in your household, then you are at their mercy when it comes to guarding your secrets.
      Second, how does having a device that I do not have control over make it more secure?

      --
      When life isn't going right, go left.
      • (Score: 0) by Anonymous Coward on Thursday November 07 2019, @09:41PM

        by Anonymous Coward on Thursday November 07 2019, @09:41PM (#917542)

        A device with a trust root that you have control over can be made more secure than one without it. You could replace all the trust keys with your own at which point no software you have not personally signed can be loaded or run.