One q to lead

[*MaTeOoSh*]

Quote:

Simply adding one more simple check to the preloader code and upgrading OTP CID will make this hole completely useless very soon. It is certain EMP will fix this ASAP.

... are you sure, that same action against your's "EMP ultra confidential crypto-device" will NOT be performed ?

remember lesson, which was given to Universal team ?

I'm not a "fanatic The_laser fan", but don't you think, that finding security holes is far more complicated as using ori EMP device ?

at least be a man and admit, that he's really good.

[Lead]

Quote:

Originally Posted by *MaTeOoSh*

... are you sure, that same action against your's "EMP ultra confidential crypto-device" will NOT be performed ?

remember lesson, which was given to Universal team ?

I'm not a "fanatic The_laser fan", but don't you think, that finding security holes is far more complicated as using ori EMP device ?

at least be a man and admit, that he's really good.

I have never said he or anyone else from his team is not good at reverse-engineering.
I personally consider the A2 security hole exploit as quite elegant, though it is limited only up-to the latest CIDs to date.
Unfortunately, I dislike the kamikaze-style of laser, but there always has to be at least one crazy man.
In the past it was the "good old" Zulea, now it is laser...
Zulea was more money oriented, laser is more ego & pride driven.

And, well, I consider cloning and patching(!) secure smartcards much more difficult than finding security holes - I've found a bunch of them too.
The effectiveness of finding security holes depends linearly on the number of people involved in searching for them (reverse engineering speed = team_size multiplied by some constant).
Btw, laser himself said he is not as good at those HW thingies...

Best regards,
Lead