Possible Ways to Crack the Bootloader

[markml0528]

So, if someone were able to have access to the machine (I know its not going to happen, but just so I can understand things clearly...), then this process could be done in a reasonable amount of time (meaning not universes age^83384), so long as someone had a cluster of computers to do the rest of the work?

Sent from my DROID2 using DroidForums

[czerdrill]

So, if someone were able to have access to the machine (I know its not going to happen, but just so I can understand things clearly...), then this process could be done in a reasonable amount of time (meaning not universes age^83384), so long as someone had a cluster of computers to do the rest of the work?

Sent from my DROID2 using DroidForums

yes, according to what they published yes.

[plslowmo]

Oh I was under the impression that it was used to spit out keys from something that required keys for access.

Sent from my DROIDX using DroidForums

[czerdrill]

Oh I was under the impression that it was used to spit out keys from something that required keys for access.

Sent from my DROIDX using DroidForums

Nah, then every hacker who has some money and the resources could just sit at home and get private keys at will for all encrypted devices, certificates etc. it would have been done already a long time ago if this was the case...

the machine that does the encrypting is the one that vulnerable to this "crack", but any machine that matters is of course not going to be in a vulnerable, nonsecure location...

[plslowmo]

Hmmm, maybe I need to re-read it. Then WTF was with all the media coverage when this came out?

Sent from my DROIDX using DroidForums

[czerdrill]

Hmmm, maybe I need to re-read it. Then WTF was with all the media coverage when this came out?

Sent from my DROIDX using DroidForums

well because something that was thought uncrackable, was cracked. i mean i'm not saying its not a big deal, just that it's impractical outside of a test environment. too many things have to fall into place to make it a realistic solution.

it was discovered in march 2010...if it really was such a huge vulnerability, don't you think it would receive far more coverage then it did? the only sites that picked it up was techie blogs, and tech news sites. i dont see any articles in the Times or the WSJ about this, although I admit I didn't search that hard...

It's really more of a "huh, that's cool..." thing, then an "OMG!!! RSA has fallen!!!!" thing lol...

[plslowmo]

I don't want to continue debating a non feasable idea but from the summary, " The scientists found they could foil the security system by varying the voltage supply to the holder of the "private key," which would be the consumer's device". I'm on my phone so I can't pull up the research paper and read that. Either way if this was something practical, somebody would have tried it on something.

Sent from my DROIDX using DroidForums

[WugFresh]

Just woke up from a much needed extended sleeping session. I see there has been lots of new discussion. Anyone break RSA encryption yet? Let me guess, YES, and it was czerdrill wasn't it!?

{{ WugFresh }}

[czerdrill]

Just woke up from a much needed extended sleeping session. I see there has been lots of new discussion. Anyone break RSA encryption yet? Let me guess, YES, and it was czerdrill wasn't it!?

{{ WugFresh }}

LOL yes i'm sending the keys over to koush right now, so he can do his worst...

[WugFresh]

Just woke up from a much needed extended sleeping session. I see there has been lots of new discussion. Anyone break RSA encryption yet? Let me guess, YES, and it was czerdrill wasn't it!?

{{ WugFresh }}

LOL yes i'm sending the keys over to koush right now, so he can do his worst...

SWEET!!! Thanks czerdrill, I knew you would pull through! How did you do it, were you just extra lucky in a brute force attempt and guessed the sholes private key after ten tries?

{{ WugFresh }}