Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

Samsung develops new security chip for smartphones

AshRiver
 Share

https://www.zdnet.com/article/samsung-develops-new-security-chip-for-smartphones/

Quote

The new secure element chip is CC EAL 6+ certified and will launch sometime in the third quarter.

Quote

Samsung has launched a new secure element (SE) chip to protect private and sensitive data on mobile devices, the company said on Tuesday.

The chip, dubbed S3FV9RR, will be offered as a standalone turnkey with security software, Samsung said. 

Common Criteria, which certifies the security level of IT products from EAL0 to EAL7 with seven being the most secure, gave the security chip a Common Criteria Evaluation Assurance Level (CC EAL) 6+ certification. 

With the 6+ certification, Samsung said the SE chip has the highest rating to date for a mobile component.

According to Samsung, the new chip provides protection for mobile devices such as smartphones and tablets when performing booting, isolated storage, mobile payment, among other applications. 

It can also be used for e-passports and cryptocurrency hardware wallets, and to support hardware-based root of trust and device authentication. The chip is also versatile, Samsung added, as it can work independently from the security performance of a device's main processor.  

The SE chip will be available in the third quarter.

The company first deployed a similar SE chip back in February for the Galaxy S20 series, which was CC EAL 5+certified.

spacer.png

 

 

I can't wait for exploits and vulnerabilities for this chip to be publish onto the net, and look how adorable those tiny chips are. Aren't they cute?

 

Meanwhile, hackers in mom's basement:

spacer.png

Link to comment
Share on other sites

Link to post
Share on other sites

But does it protect from downloading malware on google play? 
 

and that chips fucked even if shaggy uses %.09 of his power.

AMD blackout rig

 

cpu: ryzen 5 3600 @4.4ghz @1.35v

gpu: rx5700xt 2200mhz

ram: vengeance lpx c15 3200mhz

mobo: gigabyte b550 auros pro 

psu: cooler master mwe 650w

case: masterbox mbx520

fans:Noctua industrial 3000rpm x6

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, Letgomyleghoe said:

But does it protect from downloading malware on google play? 

Or the default and only web borwser?

Link to comment
Share on other sites

Link to post
Share on other sites

18 minutes ago, Letgomyleghoe said:

But does it protect from downloading malware on google play?

Well, no amount of security chips can replace common sense. If you're a dumbass, then there's nothing manufacturers can do...

CPU: AMD Ryzen 7 5800X GPU: AMD Radeon RX 6900 XT 16GB GDDR6 Motherboard: MSI PRESTIGE X570 CREATION
AIO: Corsair H150i Pro RAM: Corsair Dominator Platinum RGB 32GB 3800MHz DDR4 Case: Lian Li PC-O11 Dynamic PSU: Corsair RM850x White

Link to comment
Share on other sites

Link to post
Share on other sites

*spongebob voice* 3 hour later

XDA: TWRP released

Awareness is key. Never enough, even in the face of futility. Speak the truth as if you may never get to say it again. This world is full of ugly. Change it they say. The only way is to reveal the ugly. To change the truth you must first acknowledge it. Never pretend it isn't there. Never bend the knee.

 

Please quote my post in your reply, so that I will be notified and can respond to it. Thanks.

Link to comment
Share on other sites

Link to post
Share on other sites

31 minutes ago, Morgan MLGman said:

Well, no amount of security chips can replace common sense. If you're a dumbass, then there's nothing manufacturers can do...

I know, I was mostly joking about the whole malware on google play thing.

AMD blackout rig

 

cpu: ryzen 5 3600 @4.4ghz @1.35v

gpu: rx5700xt 2200mhz

ram: vengeance lpx c15 3200mhz

mobo: gigabyte b550 auros pro 

psu: cooler master mwe 650w

case: masterbox mbx520

fans:Noctua industrial 3000rpm x6

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, Letgomyleghoe said:

I know, I was mostly joking about the whole malware on google play thing.

Oh I'm aware, I wasn't talking specifically about you, just people in general ;)

CPU: AMD Ryzen 7 5800X GPU: AMD Radeon RX 6900 XT 16GB GDDR6 Motherboard: MSI PRESTIGE X570 CREATION
AIO: Corsair H150i Pro RAM: Corsair Dominator Platinum RGB 32GB 3800MHz DDR4 Case: Lian Li PC-O11 Dynamic PSU: Corsair RM850x White

Link to comment
Share on other sites

Link to post
Share on other sites

1 hour ago, AshRiver said:

According to Samsung, the new chip provides protection for mobile devices such as smartphones and tablets when performing booting, isolated storage, mobile payment, among other applications. 

So its the T2 chip but does a few different things. So if this chip were to corrupt itself, poof, phone is useless. Just like a MacBook Pro with a T2 that has secure boot enabled. 

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | CPU: R5 2600 | Mobo: ASRock B450M Pro4 | RAM: 16GB 2666 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 10 | Storage: 480GB PNY SSD & 2TB WD Green HDD | PSU: Corsair CX600M | Display: Dell 27 Gaming Monitor S2719DGF 1440p @155Hz, Dell UZ2215H 21.5" 1080p, ViewSonic VX2450wm-LED 23.6" 1080p | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G303 | Audio: Audio Technica ATH-M50X & Blue Snowball
Link to comment
Share on other sites

Link to post
Share on other sites

3 hours ago, Morgan MLGman said:

Well, no amount of security chips can replace common sense. If you're a dumbass, then there's nothing manufacturers can do...

Growing up, my dad hated when any of us used the term "idiot proof". His response was always "As soon as you make something idiot proof, they build a better idiot". Him being a programmer, I can only imagine what he has been through from various users running his code, or his own colleagues not reading his notes.This somehow feels applicable to what you're conveying, lol.

My (incomplete) memory overclocking guide: 

 

Does memory speed impact gaming performance? Click here to find out!

On 1/2/2017 at 9:32 PM, MageTank said:

Sometimes, we all need a little inspiration.

 

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

4 hours ago, DrMacintosh said:

So its the T2 chip but does a few different things. So if this chip were to corrupt itself, poof, phone is useless. Just like a MacBook Pro with a T2 that has secure boot enabled. 

if you replace it im sure you can boot. Like the T2 chip you can replace it with one from another machine (that is broken in some othre way) and you will be ok, you just need to ensure you also bring over the ssd from that machine since the T2 chip is the ssd controler so it keeps track of the sectors of each ssd chip that are in use etc.

Link to comment
Share on other sites

Link to post
Share on other sites

1 hour ago, hishnash said:

if you replace it im sure you can boot. Like the T2 chip you can replace it with one from another machine (that is broken in some othre way) and you will be ok, you just need to ensure you also bring over the ssd from that machine since the T2 chip is the ssd controler so it keeps track of the sectors of each ssd chip that are in use etc.

I'm pretty sure you can't do this... Although I'm no expert, T2 chips are what make the encryption/secure thing work. If you could just swap them wouldn't they be moot?

My Folding Stats - Join the fight against COVID-19 with FOLDING! - If someone has helped you out on the forum don't forget to give them a reaction to say thank you!

 

The only true wisdom is in knowing you know nothing. - Socrates
 

Please put as much effort into your question as you expect me to put into answering it. 

 

  • CPU
    Ryzen 7 1700 3GHz 8-Core Processor @ 4Ghz
  • Motherboard
    GA-AX370-GAMING 5
  • RAM
    DOMINATOR Platinum 16GB (2 x 8GB) @ 3400mhz
  • GPU
    Aorus GTX 1080 Waterforce
  • Case
    Cooler Master - MasterCase H500P
  • Storage
    Western Digital Black 250GB, Seagate BarraCuda 1TB x2
  • PSU
    EVGA Supernova 1000w 
  • Display(s)
    BenQ - XL2430(144hz), Dell 24" portrait
  • Cooling
    MasterLiquid Lite 240
Link to comment
Share on other sites

Link to post
Share on other sites

50 minutes ago, GOTSpectrum said:

I'm pretty sure you can't do this... Although I'm no expert, T2 chips are what make the encryption/secure thing work. If you could just swap them wouldn't they be moot?

As long as you swap it out with its companion SSD chips there is nothing moot about it, you need to users PW of the user that set up the machine that you took the T2 chip from through. The security is maintained, from T2 chips perspective you have just replaced the CPU, gpu etc , i would assume this is the same for this sec chip that Samson have made.

Link to comment
Share on other sites

Link to post
Share on other sites

8 hours ago, Letgomyleghoe said:

But does it protect from downloading malware on google play? 
 

and that chips fucked even if shaggy uses %.09 of his power.

 

7 hours ago, Morgan MLGman said:

Well, no amount of security chips can replace common sense. If you're a dumbass, then there's nothing manufacturers can do...

Considering that the Google Play Store is the trusted place for apps, I believe that it’s Google’s responsibility to have a proper app vetting process to screen clean and malicious apps considering that Play Protect’s detection scores aren’t on par with others. [here] [here]

There is more that meets the eye
I see the soul that is inside

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

39 minutes ago, captain_to_fire said:

 

Considering that the Google Play Store is the trusted place for apps, I believe that it’s Google’s responsibility to have a proper app vetting process to screen clean and malicious apps considering that Play Protect’s detection scores aren’t on par with others. [here] [here]

Yeah I was mainly joking at that lol

AMD blackout rig

 

cpu: ryzen 5 3600 @4.4ghz @1.35v

gpu: rx5700xt 2200mhz

ram: vengeance lpx c15 3200mhz

mobo: gigabyte b550 auros pro 

psu: cooler master mwe 650w

case: masterbox mbx520

fans:Noctua industrial 3000rpm x6

 

 

Link to comment
Share on other sites

Link to post
Share on other sites

Some corrections to the comments in this thread.

1) The T2 is more than just a secure co-processor. This chip seems to be more like the secure enclave iPhone has. The secure enclave is a co-processor which handles some security features (like the T2 which also does stuff like image processing, it's the SSD controller, it controls audio and many more things). So this is like a T2 processor but with more than half the functionality removed, only leaving the security stuff.

 

2) The T2 got a bad rep for some reason. It's a great thing and every computer should have it. We should be thrilled that companies are focusing more on hardware solutions for security.

 

3) This seems like a competitor to what Qualcomm already has built in to their SoCs. All of the high end Qualcomm processors in the last couple of generations have had dedicated secure processing units embedded on them. I think it started with the Snapdragon 845, and before that you could implement them as separate chips. The 855 for example was EAL4+ certified. The Pixel 3 for example had a Snapdragon 845, but since it wanted a higher security classification they developed a chip called the "Titan M" and used that. I think the same chip is also in the Pixel 4 but I am not sure.

Link to comment
Share on other sites

Link to post
Share on other sites

1 hour ago, LAwLz said:

2) The T2 got a bad rep for some reason. It's a great thing and every computer should have it. We should be thrilled that companies are focusing more on hardware solutions for security.

I'd rather swap out my drives thanks. I'll take the risk of someone removing my SSD (and looking at my in game screen shots and big chungus background) over running back to the manufacturer with my pants down and bending over when the drive needs replacing.

Link to comment
Share on other sites

Link to post
Share on other sites

6 minutes ago, Curious Pineapple said:

I'd rather swap out my drives thanks. I'll take the risk of someone removing my SSD (and looking at my in game screen shots and big chungus background) over running back to the manufacturer with my pants down and bending over when the drive needs replacing.

Well the SSD on the computers which has the T2 are soldered on, so it's not like you could do that anyway.

 

I am also pretty sure you could swap the drive out (assuming some soldering job was done). You just won't be able to get the data off the drive.

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, LAwLz said:

Well the SSD on the computers which has the T2 are soldered on, so it's not like you could do that anyway.

 

I am also pretty sure you could swap the drive out (assuming some soldering job was done). You just won't be able to get the data off the drive.

They're tied together AFAIK, you need the pair. Dead drive is dead board without going back to manufacturer. If the machine came supplied with a scratch off code card that  contained the drive key then it wouldn't be an issue. If the board dies and you replace it, you enter the security key from the old board and it decrypts the data and you can either replace the key on the board, or have it decrypt the drive to allow you to backup and then re-write the data with the new boards encryption key.

Link to comment
Share on other sites

Link to post
Share on other sites

Well it will be very interesting to see Samsung show this with new SoC that's definitely going to be ARM Cortex X1 core with RDNA based GPU too. 

Ryzen 7 3800X | X570 Aorus Elite | G.Skill 16GB 3200MHz C16 | Radeon RX 5700 XT | Samsung 850 PRO 256GB |Mousepad: Skypad 2.0 XL | Mouse: Zowie S1-C |Keyboard: Corsair K63 MX red | OS: Windows 10

Link to comment
Share on other sites

Link to post
Share on other sites

16 hours ago, DrMacintosh said:

So its the T2 chip but does a few different things. So if this chip were to corrupt itself, poof, phone is useless. Just like a MacBook Pro with a T2 that has secure boot enabled. 

Yeah, it seems security is the new buzzword for self bricking devices..... (and cannot be repaired OFC)

Link to comment
Share on other sites

Link to post
Share on other sites

36 minutes ago, LAwLz said:

Well the SSD on the computers which has the T2 are soldered on, so it's not like you could do that anyway.

Mac pro has it and have removable drives. BTW closed source "security through obscurity" type of solutions(T2 and this) should die in flames....

Link to comment
Share on other sites

Link to post
Share on other sites

31 minutes ago, Curious Pineapple said:

They're tied together AFAIK, you need the pair. Dead drive is dead board without going back to manufacturer. If the machine came supplied with a scratch off code card that  contained the drive key then it wouldn't be an issue. If the board dies and you replace it, you enter the security key from the old board and it decrypts the data and you can either replace the key on the board, or have it decrypt the drive to allow you to backup and then re-write the data with the new boards encryption key.

That's not what I've read, or from my understanding of the T2. Do you have any source for this?

I don't see why you would have to replace the entire motherboard if the drive died (other than it being soldered on, which it is on all Macs with the T2 from what I know).

 

 

 

Here is how I understand it.

1) The SSDs on the T2 equipped Mac computers are physically tied to the motherboard because they are soldered on.

2) The data on the SSDs are tied to the T2 chip because that holds the encryption key.

3) The T2 is physically tied to the motherboard because it is soldered on.

4) The physical SSD is NOT tied to a unique T2 chip in any way.

 

 

So in what way does the T2 limit customers?

If the SSD dies then you will lose your data regardless of whether or not the computer has a T2.

If the motherboard dies then you would still lose all the data because replacing the motherboard means replacing the SSD (since it's soldered on).

 

 

 

Assuming all T2 equipped Macs have soldered SSDs, I honestly can't think of a scenario where it would matter if you had the T2 or not.

If the SSD dies then it wouldn't matter if it had a T2 or not.

If the motherboard died then it wouldn't matter if you had the T2 or not because the soldered on flash chips would need to be replaced anyway.

 

 

Maybe it is limiting if all of these criteria are met:

1) A component soldered to the motherboard other than the flash chips or the storage controller portion of the T2 died.

2) You are able to successfully, without damaging anything, transplant the working SSD from the broken motherboard to a new one.

3) You wanted to keep your files but since the SSD is no longer paired with the same T2 chip, decryption is not possible and you have to wipe the drive clean.

4) You didn't want proper encryption on your computer to begin with.

That's probably a very rare scenario though.

 

 

9 minutes ago, jagdtigger said:

Yeah, it seems security is the new buzzword for self bricking devices..... (and cannot be repaired OFC)

Well that's how proper security works.

You need someway to tie data to a specific machine to enforce things like a limited number of tries. Otherwise anyone could remove the drive from the computer and run brute force attacks on it from a far more powerful computer, or a computer that doesn't enforce things like limited number of tries, data wipes after X number of failed attempts, and the likes.

We have had similar things in computers for over a decade now (TPMs) and in phones they have had similar technologies for years as well. Like I said, all the high end Snapdragon processors have had security co-processors embedded in them for years now. Before that they used to be separate chips (like this Samsung one). Both AMD and Intel also have limited security co-processors embedded in them for years now. Although they typically don't deal with drive encryption so it's less user facing than these or a TPM. They still do a lot of the same things in the background though.

 

 

15 minutes ago, jagdtigger said:

Mac pro has it and have removable drives. BTW closed source "security through obscurity" type of solutions(T2 and this) should die in flames....

This is not "security through obscurity". There are detailed explanations of how the secure enclave works.

This is security through, well, secure design. Again, tying data to the hardware is a very, very crucial part of security a system and protection against data theft. That's why not just Macs do it, but Android phones, Windows computers and iOS devices does it. The big difference is that Macs are secure out of the box, while for example Windows changes extra for it (Pro version only) and has it disabled by default.

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share


×