STM32 Security issue, ST MCU division, please help me...

Posted on March 28, 2012 at 20:13

to clive1

The problem is that I am receiving virtually NO support here on MCU aspect what so ever, there are more story I can tell, but not for now.

Back to your question, what ST specialist can help us?  Actually there are few more ways for further protection, someone was suggesting me to use Vbatt erase scheme.  Another one method was developed by our engineer using RC oscillation as special spectrum print… etc.

There are / may have known problem / bug, and most of us don’t know about, maybe ST’s engineer can give us a private heads up, so we can prevent those copy cats even further.

I have send all the samples I have in hand to different labs to decap, to see if these samples are original STM32 as suggested by Melih, if they are, than we should see information on die after decap, and we will know more.

I much believe I have stepped into the most sensitive area where ST may feel not comfortable, and I would like to make my point that if I could get proper support here in Thailand, I would not be crying for help up here in ST’s forum, and all problems will be settled privately and silently long before jeopardy start at the prime time.

Here are some more other’s facing the same problem.

http://translate.google.com.tw/translate?hl=zh-TW&sl=auto&tl=en&u=http://bbs.21ic.com/icview-320761-3-1.html

This is Chinese to English translation, and there are cry for justice, and skeptics who wonder if can be done or not, just for ur info.  42nd Floor is the part about UUID.

Cheers

Shenta

Posted on March 28, 2012 at 20:26

Dear 

Shenta

In China, almost all customers are aware that any MCU (especially none Secure Micro) can be cracked and not only ST MCU but also all other known MCUs. The only different is the cost of doing so. As we know that the cost of hacking ST MCU is higher than our competitors and requires costly equipments ( 1M$).

Up to Now, we have no evidence that this is possible on our STM32 and are just claims.... We tried to contact them but no replies yet . That means they are not serious  and there is no  proof that what the website indicates is true.

We believe this is not the only website in China claiming such service... we have come across several websites too and we are ware most suppliers have no control on what these websites claim to be able to do or offer.

We are caring about our customers concerns and we advice you to be in touch with our local representatives that we are already in discussion to give us these proof in order to help you on that subject.

As said, Hacking is not permitted by law and can be pursued with justice.  Please have a look on our ''Code of Conduct'' in our Forum and we will remove that message from our Forums as we remind then again here and are in the link at right side :

</p>

These are the terms of use that every member using STMicroelectronics E2E Communities agrees to adhere to.

Remember that the words you enter in a burst of passion or indignant anger will be there for you and everyone else to see, sometimes long after those intense feelings have passed. That's not meant to discourage spontaneity, but just a friendly reminder of the long-term existence and effects of what you post.

You may, from time to time, find yourself in disagreement with someone else's opinion. At times like these, please keep in mind it's safer and more polite to take issue with the comments rather than the person.

By participating in STMicroelectronics�s Forums, you agree that you will not post any of the following material:

*** Any communication that is intended to harass, belittle, humiliate, threaten or cause embarrassment.

*** Material that contains vulgar, obscene or indecent language or images.

*** Any communication that contains spam (multiple copies in one area or the same communication in multiple areas).

*** Material that defames, abuses or threatens others.

*** Statements that are bigoted, hateful or racially offensive.

*** Material that advocates illegal activity or discusses illegal activities with the intent to commit them.

*** Unauthorized copyrighted material.

*** Advertising or any form of commercial solicitation

*** Material that impedes or otherwise prohibits communication; disrupts the discussion including, without limitation, using names in topical boards that are offensive to the topic, the team, and repeatedly posting off-topic messages in a topical message board.

*** no Politics or Religious discussions.

Statements or postings that violate the above terms will be deleted from postings upon discovery. While we may attempt to notify you if we move or delete a post, we are under no obligation to do so. Depending on the nature of the violation, STMicroelectronics at their sole discretion, may terminate your user account.

</div>

Regards,

STM32 Moderator.

PS: Our Local support in Thailand will contact you to see the original device and the the two copies and help you to understand your case.

Posted on March 28, 2012 at 20:33

Thank U STOne-32 for helping out.

We like STM32, and we love its performance.

We are not trying to hack, but trying to prevent it from happening.

If you come to Thailand, let me buy u a beer.

Cheers

Shenta

Posted on March 28, 2012 at 20:53

Hi Shenta,

Tomorrow, my colleagues in Thailand will re-contact you  and discuss further your issue.

Thank you for the Beer offer 😉  when I will be there, sure I will contact you .

Cheers,

STOne-32.