Date: Fri, 08 Jun 2018 09:16:19 +0200
From: Security Explorations <contact@...urity-explorations.com>
To: bugtraq@...urityfocus.com, fulldisclosure@...lists.org
Subject: [FD] [SRP-2018-01] Reverse engineering tools for ST DVB chipsets (public release)

Hello All,

We have decided to release to the public domain our SRP-2018-01
security research project related to the security of STMicroelectronics
chipsets.

The research material (70+ pages long technical paper accompanied by
two reverse engineering tools) can be downloaded from the SRP section
of our portal (Past SRP materials):

http://www.security-explorations.com/en/srp.html

The release of SRP-2018-01 is a direct consequence of the following:

1) no response to our inquiries regarding the impact of ST issues
   from a SAT TV ecosystem [1] (STMicroelectronics, NC+, Canal+,
   Vivendi),
2) no will to provide assistance to obtain information pertaining
   to the impact and addressing [2] of the issues from
   STMicroelectronics, we asked for help CERT-FR (French governmental
   CSIRT), IT-CERT (CERT Nazionale Italia) and US-CERT (US government
   CERT), but all of them stopped responding to our messages [1],
3) a statement received from a major vendor in a SAT TV CAS / security
   field indicating that its "goal is to remove the marketplace from
   our materials",
4) us completely breaking security of ADB [3] set-top-boxes in use
   by NC+ SAT TV platform (Canal Digital makes use of similar boxes)
   and gaining access to vulnerable ST chipsets again [4] (we verified
   that 6 years following the disclosure Canal+ owned NC+ still relies
   on / offers to customers STBs vulnerable to ST flaws, which likely
   violates security requirements of agreements signed with content
   providers).

In that context, we see no reason to continue keeping SRP-2018-01
material under wraps.

Thank you.

Best Regards,
Adam Gowdiak

---------------------------------------------
Security Explorations
http://www.security-explorations.com
"We bring security research to a new level"
---------------------------------------------

References:
[1] SE-2011-01 Vendors status
    http://www.security-explorations.com/en/SE-2011-01-status.html
[2] The origin and impact of security vulnerabilities in ST chipsets
    http://www.security-explorations.com/materials/se-2011-01-st-impact.pdf
[3] ADB
    https://www.adbglobal.com/
[4] SRP-2018-02 Exploitation Framework for STMicroelectronics DVB chipsets
    http://www.security-explorations.com/materials/SRP-2018-02.pdf

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/