**** BEGIN LOGGING AT Mon Dec 04 03:00:02 2017 Dec 04 09:44:29 Hello Everybody, I have a problem in using P9_31 as a GPIO, I can not set it high or low, Is there anyone help me ? Dec 04 09:53:06 https://elinux.org/Beagleboard:BeagleBone_Black_Capes Dec 04 09:53:30 Based on this link I should disable HDMI Audio to use P9_31 is it correct ? Dec 04 10:19:29 * zmatt yes Dec 04 10:19:33 uhh, yes Dec 04 12:09:37 hi all, is there any place rather than BeagleBone offical site with more up to date Complete Beagle images? (with latest kernel 4.14)? Dec 04 13:06:35 hi..is anybody here? Dec 04 13:10:01 im gonna buy battery for my bbblue..which voltage battery i have to buy to power up bbblue? Dec 04 20:02:52 Having problems connecting to the BeagleBone... Any suggestions? Dec 04 20:03:37 When I go to 192.168.7.2 I get "This site can't be reached" Dec 04 20:04:23 scparker: what is the OS on the machine you are running the webbrowser on? Which image version does the beaglebone run? Dec 04 20:05:09 Windows 7.. Chrome.. bone-debian-9.2-iot-armhf-2017-10-10-4gb.img.xz Dec 04 20:06:06 USR0 LED is blinking Dec 04 20:08:53 windows 7 might need drivers Dec 04 20:09:19 does at least one of the two USB-network interfaces show up? Dec 04 20:09:22 is it active? Dec 04 20:11:46 I've installed the drivers. Dec 04 20:12:07 I'm not sure I see it as a USB-network interface. Dec 04 22:49:33 hi, i've been browsing the available material on pocketbeagle, osd3358 and am3358, but nowhere found more data on how the Cortex M3 is wired in there. Dec 04 22:50:10 the cortex-m3 integrated in the am335x is (normally) only used for power management related tasks Dec 04 22:50:17 i'd love to give it a try for deep-sleep activities and added security, but found no mentions of it on the am and osd side. Dec 04 22:50:30 do you have any links to its documentation? Dec 04 22:50:42 the source code for its firmware is available Dec 04 22:50:56 the am335x TRM has some docs on it Dec 04 22:51:20 keep in mind it only connects to the L4-Wakeup interconnect, so it has rather limited access to the SoC Dec 04 22:51:29 no L3 access Dec 04 22:55:54 i'll need to familiarize myself with L3/L4 here (my previous experience is with M3-style devices) *skims trhough trm* Dec 04 22:56:34 there are various interconnects on the am335x that connect the various initiators/masters to the many targets/slaves Dec 04 22:57:08 the big one is the L3 interconnect, and all initiators apart from the cortex-M3 connect to it Dec 04 22:57:49 zmatt: what i'm looking for explicitly is *something* that could access some flash memory it can lock everyone else out of Dec 04 22:58:01 so basically i'm looking for some form of secureboot Dec 04 22:58:42 there's no real form of secure boot possible on the GP version of the am335x, not something that is resistant against physical attacks Dec 04 22:59:28 i'm not looking for something resistant to physical attacks, but for something with which i can recover from potentially software-compromised devices in the field Dec 04 23:00:12 seeing there's an M3 on it gave me hopes that it'd have its own flash, and i could tie it into the bootup sequence, verify the main flash's signature and only then power up the main cortex and sign it its "i'm safe" waiver Dec 04 23:00:52 (or give it key material to encrypted flash or whatsonot) Dec 04 23:01:02 the bootloader can protect itself from compromise of the remaining system by marking its own eMMC sectors as "write-protected until next power up" before passing control to the kernel Dec 04 23:02:16 that might do; can that read-protect too? Dec 04 23:02:23 no Dec 04 23:03:02 I don't see any immediate reason why you'd need that for the scenario you're giving though Dec 04 23:03:40 i'd like to establish a scheme where distributed devices can prove to their owner that they have updated to a secure version after a security hole has been found Dec 04 23:04:20 yeah you'd need something like an external TPM Dec 04 23:04:47 together with a write-protected bootloader that performs an integrity measurement Dec 04 23:05:02 (and yes, i'm aware that the very same technology can be used for tivoization too :-( ) Dec 04 23:05:17 not really, since it has no security against physical attacks Dec 04 23:06:01 if you have access to the system, you can just bypass the bootloader and use your own that tells the TPM it's loading software X while in fact it's loading software Y Dec 04 23:06:16 thus making its certificate useless Dec 04 23:06:16 i think i could even do w/o write protection (so yes an attacker can brick the device, but they already own it) Dec 04 23:06:37 the write-protection is to prevent a compromised OS from compromising the bootloader Dec 04 23:06:38 yes, but access to the system is not within my threat model Dec 04 23:07:13 if it's read protected, the attacker can overwrite the boot loader, and then will never be able to have itself signed off as updated any more Dec 04 23:07:24 but sure, write protection is nice to have Dec 04 23:07:28 it doesn't have to be permanent write-protect though, write protect until next power-on suffices (and is an available function of eMMC) Dec 04 23:07:59 read-protection is unnecessary if a TPM is used Dec 04 23:08:28 in that case only the integrity of the bootloader matters but it contains no secrets (those are in the TPM) Dec 04 23:08:42 that yes -- but i was hoping that with the pocketbeagle i could implement that scheme with existing hardware Dec 04 23:08:47 no Dec 04 23:09:29 "no" in the sense of it *can* be done with the pocket? Dec 04 23:10:46 no there's afaik nothing you can use to provide boot integrity that is secure against OS compromise Dec 04 23:11:46 it also has no eMMC, I don't know if SD cards have adequate write-protection functionality to prevent tampering with the bootloader (which is a necessary requirement but not sufficient), but it might Dec 04 23:14:03 i'll need to dig a bit deeper into what eMMC and SD can do here... Dec 04 23:14:15 (the S in SD has to stand for *s*omething...) Dec 04 23:14:49 zmatt: thank you very much for all the information and input! Dec 04 23:16:01 most likely your best bet would be an external TPM + write protection for the bootloader. that would be a relatively simple solution with various levels of software support already existing Dec 04 23:19:36 is there anything an external TPM can do that an external Cortex M3 with built-in flash can't do? (both need to be properly wired, obviously) Dec 04 23:20:24 have existing software support? :) Dec 04 23:20:30 fair point :-) Dec 04 23:21:32 you don't happen to know of any open hardware device that is already set up for that? Dec 04 23:22:39 but sure, ultimately all you strictly need for this purpose is the ability to keep a secret and sign data... it's just that a TPM is already made for the purpose and existing integrity measurement support code that uses a TPM afaik already exists in u-boot and linux Dec 04 23:22:45 what do you mean? Dec 04 23:24:00 i mean a device i could actually buy (like the beaglebone series) and has a tpm (or equivalent) on-board so i can do my update verifications Dec 04 23:24:31 "device" is rather a broad term Dec 04 23:26:45 "thing that has ethernet or a cape-style extensibility, a <15cm form factor, runs linux, and can be powered from a 5V power supply" -- and a tpm Dec 04 23:27:55 no idea Dec 04 23:29:38 it might be a bit too specific Dec 04 23:30:50 yes, but i don't quite understand why. given the threat model current IoT devices are under, it seems like an obvious feature to me. Dec 04 23:32:00 (the typical issue of well-designed IoT devices is that they run some code that's zero-dayed, some devices get compromised, and then it's a race to distribute updates before the infection spreads. ... Dec 04 23:32:08 yes, and the am335x could have provided such functionality natively with very little effort by TI, but... ¯\_(ツ)_/¯ Dec 04 23:32:32 some day, attackers will be smart enough to mimick a successfully updated system and stay infected through the update) Dec 04 23:32:57 mh, i'll try bugging them about it, but i don't expect too much from it Dec 04 23:33:35 and the sad part is that once you start building something like that in yourself, they'll be super quick to ship something that obsoletes it Dec 04 23:33:37 oh they have an HS version of the am335x you can get if you're willing to sign an NDA and order a large quantity Dec 04 23:34:31 i've read a little about that, not sure it really covers my case, and at any rate, if it's under NDA i won't use it in products and won't trust it either Dec 04 23:35:08 afaik it works by burning the (hash of) your root code signing public key into e-fuse Dec 04 23:35:17 * chrysn slaps himself out of ranting mode which he was just about to start Dec 04 23:35:25 so the system will only execute signed executables Dec 04 23:35:40 which gets you enough to bootstrap most other kinds of security Dec 04 23:35:47 yes, but that doesn't keep it from running the old vulnerable code and pretend to be running the new version Dec 04 23:36:27 admittedly that makes it harder for an attacker, and might require an always-on MITM the device can rely on Dec 04 23:36:41 no, but you can use it to load a small bootloader with an measurement signing key (afaik the system supported encrypted executables) Dec 04 23:37:02 which can then provide attestation for the rest of the system Dec 04 23:37:42 ok, encrypted executables would indeed to -- yes Dec 04 23:38:41 of course I'm not sure they support them, it just seems likely... but I don't have details obviously Dec 04 23:38:49 anyway, bbl, heading home Dec 04 23:39:01 thanks again for all the insights Dec 04 23:39:14 will look a bit more at eMMC's RPMB, maybe that can help me Dec 04 23:46:30 (no, probably it won't; it's just key-secured memory, it seems to be nasty because you can't take ownership of it (destroy stored data and renew key), and it still gives no "read protect until next power-on" Dec 05 00:10:40 correct on both points Dec 05 02:49:38 hi? Dec 05 02:49:54 anyone here? Dec 05 02:51:20 * vagrantc lurks Dec 05 02:51:55 BGI: generally better form to ask questions about the topic than ask if anyone's around Dec 05 02:55:02 hi? Dec 05 02:58:47 BGI: do you have a question related to beagle* ? **** ENDING LOGGING AT Tue Dec 05 03:00:01 2017