I read the recent paper on XBox security
[...] the security of a cryptosystem is only as strong as they secrecy of the key. Thus, some of the most startlingly effective attacks on a cryptosystem involve no ciphertext analysis, but instead find flaws in the protocols that manage the keys.This is pretty old hat to most of the people who read this blog but obviously not to some of the kids who build these systems. That's not the least of it, Section 6 outlines a much simpler way of tricking the xbox before it even gets a chance to jump into the bootloader. fun stuff!
I have a bar I try to make it under when I work on a network-based security protocols, and that bar is: "How could Dug Song put a hack for this into dsniff?". Dsniff allowing the entire world access to the ssh MITM vulnerabilities was probably better than several dozen security papers on MITM problems. I was thinking about the size of the XBox TCB when I remembered that it's not en vogue to call it TCB anymore, the assurance community now calls it TSF for Trusted Security Functions. I don't know if this a relabelling or if there are discernable differences between the terms. If you know, please inform me. thanks!
# — 02 June, 2002