Qualcomm’s Insecure TrustZone
Check Point Researchers Break Qualcomm’s Worlds
There is a bug in Qualcomm’s Secure Execution Environment, found on LG, Pixel, Samsung, Xiaomi, HTC, Sony, OnePlus, and many other phones, which breaks their Qualcomm’s Secure Execution Environment. Thankfully it was patched in October 2019, though this may not be great news for those with older handsets. They bombarded the phones with huge amounts of data using a fuzzing tool and found they could trigger states in which they could circumvent Qualcomm’s chain of trust, run trusted apps in the Normal World, load patched trusted apps into the Secure World and even more. Update those phones before you read more about the researchers and how they discovered the flaws.
Someone should also remind Sebastian to download all available Intel legacy drivers before they disappear and he can’t update his classic hardware!
QSEE, more commonly known as Qualcomm Secure World, is a secured area present on the main processor. The purpose of creating this hardware-protected space is to secure sensitive information, such as passwords, payment card credentials and encryption keys.
More Tech News From Around The Web
- Intel To Remove Old Drivers and BIOS Updates From Its Site @ Slashdot
- Oculus Link for PC is live: Everything we know about cables, GPU support @ Ars Technica
- Optical Keyboards Have Us Examining Typing At Light Speed-ish @ Hackaday
- A bridge over troubled water: Intel teases Ponte Vecchio, the GPU brains in US govt’s 1-exaFLOPS Aurora supercomputer @ The Register
- HP board unanimously rejects Xerox’s £26bn takeover bid @ The Inquirer
- onight on Tales from the Crypto: It lives! GPU flinger Nvidia bouncing back after miner affair @ The Register