
The lock (fake) manual is available here:

https://microcorruption.com/manual.pdf




Cool! Notably, it appears that it is based on TI MSP430, which is a real CPU with its own instruction set. At first I thought they had invented their own ISA, which would have been crazy.


MSP430 is a remarkably elegant instruction set. Wikipedia has a good summary: http://en.wikipedia.org/wiki/TI_MSP430#MSP430_CPU


Well, let's just say it's an architecture Square knows well. :)


That has less to do with it than the fact that it was the smallest ISA I could find that GCC would readily compile down to.


I would have loved it to be some old ARM ISA to use it as a test case for Avatar[0]. On the same topic, the FIE paper may be interesting reading for MSP430 lovers[1] (but it needs source for symbolic execution, so doesn't directly apply here).

[0] http://www.s3.eurecom.fr/tools/avatar/

[1] https://www.usenix.org/conference/usenixsecurity13/technical...


In particular, Square's credit card readers use an MSP430 chip to encrypt the stripe data before passing it on to the phone.

Their first credit card readers were entirely analog devices, which were very easy to use to skim cards.

Hopefully the latest batches have per-device unique keys (based on some centrally-known KDF) so a compromise of one doesn't re-enable such an exploit.


Just so I can be super clear here: none of the code in this challenge has anything whatsoever to do with anything Square ships. We deliberately made things less realistic to make the levels more fun, and easier to ramp up with.


> Hopefully the latest batches have per-device unique keys (based on some centrally-known KDF) so a compromise of one doesn't re-enable such an exploit.

Yes, that's how it works.



