* Posts by jbrickley

5 publicly visible posts • joined 16 Jan 2019

Think Korean chipmakers will buy Arm? Think again

jbrickley

Qualcomm bought a startup founded by former Apple Silicon chip designers

Qualcomm bought a startup founded by former Apple Silicon mobile chip designers. They attempted to use the startup's licensing from Arm instead of renegotiating the licensee terms. Qualcomm has its own Arm licensing but it varies from the type of license held by the startup that Qualcomm now owns. Arm Holdings has stated they need a new license as the startup license no longer applies. There are two types of Arm licenses. One you license the designs for your SoC from Arm. This is how Qualcomm makes the Snapdragon SoC processors. The startup had a sweet deal on the other type of Arm license. The type that Apple uses where you license the architecture instruction set but are free to change it however you wish. Effectively granting you the rights to create an entirely custom arm64 clone processor of your own design. The startup had that license at a deep discount for a variety of reasons. Since Qualcomm bought out the startup, Arm Holdings wants to renegotiate the terms of the license and it seems there is a clause in the license contract that covers acquisitions. The license is invalid if company A is bought by company B. Qualcomm doesn't want to pay the exorbitant fees that Arm Holdings wants to charge. Qualcomm wants to compete with Apple and they cannot do that if they have to use the Arm designs. They just don't want to pay so much to do so. Apple is a former Arm member. They sold their stake in Arm years ago to help save Apple while also taking a $300M loan from Microsoft. However, they have a grandfathered license and relationship with Arm that goes all the way back to Acorn and the Newton. So no doubt, Apple has a discount yet still pays considerable sums to Arm Holdings. It's all about money.

Microsoft hits the switch on password-free smartphone authentication

jbrickley

Apple announced this last year, they called it "passkey"

Apple announced support for this technology in 2021 based on the W3C Web Authentication API, WebAuthn. It was created by the World Wide Web Consortium and the FIDO Alliance; Apple, Amazon, Google, Meta (Facebook), and Microsoft are all FIDO board members, as are major financial institutions, credit card networks, and chip and hardware firms.

It's basically a public / private key solution. You create an account on a website or server that supports WebAuthn and the user is prompted to authenticate using a device password or biometric TouchID / FaceID. That generates a public / private key pair and the private key is saved to the Apple device Keychain while the public key is sent to the website. The login becomes passwordless and the system you are logging into no longer has to worry about password leaks, etc. Apple can sync the private keys via the iCloud Keychain to multiple devices. The Keychain is protected by a hardware blackbox storage device built into the Apple SoC processors called the SecureEnclave. It's basically like TPM 2.0 but on steroids.

There is zero need to use a Yubikey on Apple devices. The limitation is Microsoft's, not Apple's. Apple passkeys will work across macOS, iOS, iPadOS, and WatchOS on any WebAuthn enabled system with very minor requirements from the system provider. Requiring the Yubico hardware or App is ridiculous for Apple users but understandable from Microsoft's perspective. They have no concept of the Keychain and their devices do not have a SecureEnclave blackbox chip within a System On Chip. All they have is a TPM 2.0 chip which is not quite as good but better than not having a TPM at all. Apple's SecureEnclave is a black box, write-only secure storage chip built into the T2, A## SoC and all Apple Silicon M1 / M2 SoC chips. Every modern Apple device has a Secure Enclave. Private keys and secrets are written to the SecureEnclave and are never readable again. When authenticating, the public key is generated based on password, FaceID / TouchID and sent to the SecureEnclave which merely responds with YAH or NAY on a match. If YAH, the device unlocks. It's used to control disk encryption, device unlock, etc., etc., etc. The SecureEnclave can only be written to and subsequently reset (erased), destroying all the saved private keys except the unique single key burned into the SecureEnclave at time of manufacturing which can never be changed.

The requirement of the Yubikey by Azure AD is a design limitation set by Microsoft and for now might be required on Apple devices but that doesn't mean "This Is The Way". Apple has a much more elegant solution already in place that exceeds the Yubikey which is inferior to a SecureEnclave. As of iOS / iPadOS 16, WatchOS 9, and macOS 13 Ventura. It's here now and ready for websites and servers that support WebAuthn to enable passwordless authentication.

Hopefully this will all shake out in the next two to three years and resolve all these security risks for the vast majority of people.
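A simplified model of the WebAuthn sign-in exchange described in the comment above, added here as an example and not part of the original comment: the site keeps only the public key and checks a signature over its own challenge, the origin and the RP ID. The relying party `example.test`, the function names and the plain-object credential record are assumptions, and the COSE/CBOR encoding real WebAuthn uses is omitted.

```javascript
const crypto = require('crypto');
const sha256 = (data) => crypto.createHash('sha256').update(data).digest();

// Authenticator side: stands in for the device keychain / secure hardware.
function createAuthenticator() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  let signCount = 0;
  return {
    publicKey, // the only key material that ever leaves the device
    getAssertion(rpId, origin, challenge, userVerified = true) {
      const clientDataJSON = Buffer.from(JSON.stringify({
        type: 'webauthn.get', challenge: challenge.toString('base64url'), origin }));
      const counter = Buffer.alloc(4);
      counter.writeUInt32BE(++signCount);
      // authenticatorData = rpIdHash (32) || flags (1) || signCount (4)
      const flags = Buffer.from([0x01 | (userVerified ? 0x04 : 0x00)]);
      const authenticatorData = Buffer.concat([sha256(rpId), flags, counter]);
      const signature = crypto.sign('sha256',
        Buffer.concat([authenticatorData, sha256(clientDataJSON)]), privateKey);
      return { clientDataJSON, authenticatorData, signature };
    },
  };
}

// Relying-party side: holds the public key and the last counter, no secret.
function verifyAssertion(cred, expected, { clientDataJSON, authenticatorData, signature }) {
  const client = JSON.parse(clientDataJSON.toString());
  if (client.type !== 'webauthn.get') return 'bad-type';
  if (client.challenge !== expected.challenge.toString('base64url')) return 'bad-challenge';
  if (client.origin !== expected.origin) return 'bad-origin'; // look-alike site
  if (!authenticatorData.subarray(0, 32).equals(sha256(expected.rpId))) return 'bad-rp-id';
  if ((authenticatorData[32] & 0x04) === 0) return 'user-not-verified';
  const signed = Buffer.concat([authenticatorData, sha256(clientDataJSON)]);
  if (!crypto.verify('sha256', signed, cred.publicKey, signature)) return 'bad-signature';
  const count = authenticatorData.readUInt32BE(33);
  if (count <= cred.signCount) return 'counter-replay'; // possible cloned credential
  cred.signCount = count;
  return 'ok';
}

// Constructed demo values; example.test is a placeholder relying party.
const demoAuthn = createAuthenticator();
const demoCred = { publicKey: demoAuthn.publicKey, signCount: 0 };
const demoExpected = { rpId: 'example.test', origin: 'https://example.test',
  challenge: crypto.randomBytes(32) };
console.log(verifyAssertion(demoCred, demoExpected,
  demoAuthn.getAssertion(demoExpected.rpId, demoExpected.origin, demoExpected.challenge)));
```

A database leak on the relying-party side exposes only `publicKey` and `signCount`, neither of which lets anyone produce a valid assertion.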

The Curse of macOS Catalina strikes again as AccountEdge stays 32-bit

jbrickley

^^^^ THIS ^^^^

Ten million LIKES!

How bad is the code and how incompetent is this supposed wonderful accounting firm if they can't upgrade? Ridiculous...

Intel SGX 'safe' room easily trashed by white-hat hacking marauders: Enclave malware demo'd

jbrickley

I don't think that word means what you think it means

Hey, Intel "Secure Enclave" - I don't think that word means what you think it means!

Curious if Apple's T2 Security Chip that includes the same Secure Enclave used in all iOS devices is vulnerable to this or not. The T2 is an ARM-based CPU that runs a custom BridgeOS that only Apple controls. Once data is written to the Secure Enclave, it's inaccessible. You can only get a Yeah or Nay response when sending a public key or biometric key challenge to the Secure Enclave.

World's first robot hotel massacres half of its robot staff

jbrickley

From the pre-Internet Hitchhiker's Guide To The Universe:

The Sirius Cybernetics Corporation is the primary manufacturer and supplier of androids, robots and autonomic assistants for the known universe. They are known for their catchy jingles and catchphrases, supplied by their Marketing Department.

They are not, however, known for the quality of their products.

Their primary claim to fame seems to be constructing just about everything with (unstable) advanced robotics and software. From doors to lifts, to toaster ovens, drinks machines, vacuum cleaners, and "personal massage units" -- Everything has been built with a full GPP or Genuine People Personality. This means that even a set of airlock doors has emotions, hopes, dreams, intelligence, and worst of all, the capacity for boredom. It should come as no surprise then, that the majority of these devices have a neurotic streak a mile wide.

The company motto is "Share and Enjoy." This is widely adaptable, from synthesized drinks to the company of a robot, or 'Your plastic pal who's fun to be with' as it is described by the aforementioned Marketing Department. It should be noted that many who do not Enjoy, then go on to fail to Share, unless this includes sharing strongly-worded opinions toward their complaints department.

The Hitchhiker's Travel Guide describes the Marketing Department of the Sirius Cybernetics Corporation as:

"A bunch of mindless jerks who'll be the first against the wall when the revolution comes."

Curiously, an edition of the Encyclopedia Galactica which conveniently fell through a rift in the time-space continuum from 1000 years in the future describes the Marketing Department of the Sirius Cybernetics Corporation as:

"A bunch of mindless jerks who were the first against the wall when the revolution came."

Only their complaints department survived the general economic implosion of the company as a whole.