> A commercial HSM - used by CAs, businesses, banks to hold private keys - contains RF shields, temper-detection switches, sensors for X-ray, light, temperature, battery-backed SRAM for self-destruction, and so on, it's extremely unlikely that anyone has ever succeeded to break into a HSM
A service to lift firmware from Gemalto chips used in SIM, and credit cards costs $25k here at most
I think there's some confusion. Are you sure that you are talking about the same thing? What I meant here is a real HSM, something similar to a IBM 4758 [0] (which was once vulnerable, but only because it had buggy software), not a SIM card or a credit card chip. Do you imply that many HSMs are based on the same Gemalto chip?
A service to lift firmware from Gemalto chips used in SIM, and credit cards costs $25k here at most