A Deeper Look Into Reversing the Toshiba FlashAir SD Card

November 14, 2018 ~ hucktech ~ Leave a comment

A Deeper Look Into Reversing the Toshiba FlashAir SD Card #pacsec #flashair #w04 https://t.co/k2hVfvKc33 pic.twitter.com/cExwqGzxdj

— Guillaume Valadon (@guedou) November 13, 2018

https://docs.google.com/presentation/d/1V8YnaCf7xddE4WNyE-suKmZBIE1sbi0f058CTNzty6g/edit#slide=id.g4525dccad7_0_0

ToshibaComExtractor: tool to extract Toshiba .COM firmware files

October 23, 2018 ~ hucktech ~ Leave a comment

Awesome utility to extract a proper BIOS image out of those pesky Toshiba BIOS "COM" files, courtesy of LongSoft. https://t.co/b5st7ZAgKG

— Plato Mavropoulos (@platomaniac) October 22, 2018

https://github.com/LongSoft/ToshibaComExtractor

Two guys, one laptop (hacking a Toshiba BIOS laptop)

September 10, 2018 ~ hucktech ~ Leave a comment

This is a great story about hacking a BIOS-level locked Toshiba laptop by @dsredford and @q3k. There will be plenty of hardware hacking, reverse engineering and perseverance. And some crypto as well. https://t.co/pXqe531jgy pic.twitter.com/a7WCwwjJU1

— Bad Cyber (@badcybercom) September 8, 2018

This is a great story about hacking a BIOS-level locked Toshiba laptop. There will be plenty of hardware hacking, reverse engineering and perseverance. And some crypto as well.[…] The whole process took 3 years – but the actual work took about 2 weeks, the rest was Michał waiting for Sergiusz to dump the chips. They reported their findings to Toshiba, which promised to deliver updates and change the encryption scheme.[…]

https://badcyber.com/two-guys-one-laptop/

Toshiba: Infineon TPMs, Security Feature Bypass Vulnerability

March 23, 2018March 23, 2018 ~ hucktech ~ Leave a comment

Infineon Technologies Trusted Platform Modules (TPMs), Security Feature Bypass Vulnerability

Document ID: 4015874
Posted Date: 2018-03-20
Last Updated: 2018-03-20

Infineon® Technologies Trusted Platform Modules (TPMs), Security Feature Bypass Vulnerability

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Potential Security Impact: A security vulnerability exists in certain Trusted Platform Module (TPM) firmware. The vulnerability weakens key strength. It is important to note that this is a firmware vulnerability, and not a vulnerability in the operating system or a specific application. Toshiba is working closely with Infineon® to validate their fix and ensure it works across Toshiba’s range of products. Until firmware updates are available, it is recommended that people and companies using Toshiba PCs and devices that incorporate TPMs to take steps to maintain the security of their systems and information.

Toshiba’s TPM Firmware Release Schedule:[…]
Source: Infineon® & Microsoft® Security TechCenter

https://support.toshiba.com/sscontent?contentId=4015874

Ubuntu 17.10 corrupting BIOS – many Lenovo laptops models (and Acer and Toshiba)

December 20, 2017 ~ hucktech ~ 2 Comments

“Canonical has pulled downloads for its Ubuntu 17.10 Linux distribution following reports that it can trigger a bug in the UEFI firmware of selected Lenovo, Acer, and Toshiba laptops, corrupting the BIOS and disabling the ability to boot from USB Drives.”

https://www.bit-tech.net/news/tech/software/canonical-pulls-ubuntu-1710-over-uefi-corruption-issue/1/

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1734147

Reversing Toshiba laptop BIOS protection

November 12, 2017 ~ hucktech ~ Leave a comment

Michał Kowalczyk has an interesting presentation on Intel BIOS reversing, focusing on a Toshiba system. Presentation is in Polish. If you have a Toshiba, see the excerpt below with advisory info.

Slides (PL) from a talk given by @q3k and me about reversing/hacking Toshiba laptop BIOS protection + EC signature system: https://t.co/VGgz88KjEP pic.twitter.com/x1gCAUUaJ9

— Michał Kowalczyk (@dsredford) November 9, 2017

Apologies in advance for the slidedeck being in Polish.

We've submitted this talk to the 34C3 CFP – English slides and recording will appearify if we get accepted :D. Otherwise we might whip up a quick blogpost.

— Serge (@q3k) November 9, 2017

Oficjalne stanowisko Toshiby
Toshiba is working on a temporary BIOS update that can be used to prevent the security issue that has been raised and expects to release this update on its website within the next 2 weeks.
Toshiba plans to start the release of a permanent fix for some models from January, 2018 and will complete the releases of permanent fix for all applicable models by the end of March 2018.

Click to access bd81619010b3b8ef012ff8af491a034bd9c6c3adfd76ddbb180c43c15f291fc1.pdf

http://dragonsector.pl/

Toshiba adds security features to firmware

June 13, 2017 ~ hucktech ~ Leave a comment

Toshiba has added firmware-level security to their Mobile Zero Client:

[…]How Toshiba Mobile Zero Client works
* Power on: User powers on the device, which connects to pre-configured LAN or Wi-Fi
* Boot permission: Device requests boot permission from Toshiba Boot Control Service*
* Big Core download: When boot permission is granted, your unique, secure, Big Core package is encrypted, downloaded and unpacked in the RAM
* Ready to go: Your Big Core, with Linux and the VDI client, is executed – establishing its connection to your VDI server

[…]Beyond supporting the storage of data securely away from the device, TMZC can provide added protection through Toshiba’s uniquely developed BIOS, which is designed and built in–house to help remove the risk of third-party interference.[…] We’re one of the only manufacturers that creates our own BIOS and UEFI’s.[…]

http://us.toshiba.com/solutions/tmzc

http://www.businesswire.com/news/home/20170613005346/en/Toshiba-Expands-Portfolio-Security-Solutions-Addition-Mobile

Toshiba to exit semiconductor manufacturing, except for NAND flash

January 24, 2016 ~ hucktech ~ Leave a comment

another one bites the dust in Japan's semiconductor industry – Toshiba to Gut Chiphttps://t.co/GaPJzprFu3 pic.twitter.com/QBHAu2SURZ

— akiba (@freaklabs) January 23, 2016

[…] Toshiba has firmed up plans to unload a large portion of its semiconductor-manufacturing operations as part of sweeping reforms to improve profitability in the wake of an accounting scandal. The Japanese company plans to keep NAND flash memory operations, its biggest profit source and a field where its market share is second only to Samsung Electronics. Product lines up for sale include analog chips, LSI chips, microcontrollers and power-saving semiconductors. Applications include cars, industrial machinery, home electronics and housing construction equipment. […]

http://www.eetimes.com/document.asp?doc_id=1328763&_mc=RSS_EET_EDT

http://asia.nikkei.com/Business/Deals/Toshiba-to-whittle-down-chipmaking-ops

I wonder if there are any Toshiba chips for sale that might be useful to acquire for an Open Hardware venture?