On Fri, Dec 9, 2016 at 4:53 AM, Roman Mamedov rm@romanrm.net wrote:
option available today, and you don't have to go back to Pentium 200 to avoid
Using such a relic as a scrub firewall might protect you from magic packets launched by your adversaries towards one of those listening transistors in your shiny new Skylake you'd otherwise have directly connected to the net.
It's not like they are auto-downloaded from the Internet directly by your CPU
Billions of transistors, billions of packets, billions of bits, billions of broadcast internet 'scans', who's watching...
Sure there still can be subtle bugs and backdoors, but those will need to be subtle, well hidden, likely more difficult to exploit, and likely having much less of a "feature set" when exploited. Not to mention the devastating reputation effect on the vendor if uncovered.
There may not be any evil silicon code, perhaps just an agnostic monitor vm, external pushed codeload then exec trigger, they'll call it an undoc engineering feature, AMT precursor, not meant for public use, tie it to some other legit thing, whatever, no problem.
#OpenFabs printing #OpenDesigns
As far as I know there's no fully free and open chip right now which provides
That's because no one's giving any significant amount of their free time / money / research to figure out how to do it, let alone develop / talk about it as a serious global concept and goal and get it done. Always 'fab and open too costly' end convo. Bullshit, not costly per interested capita.
What I'm saying is, in an environment of secret HW, there's no point in betting on hardware trust right now... for tor relays or anything else. Lot of HW is proving to be so buggy, if not evil, that it's exploited and exec'd to become evil. So buy whatever's interesting, put an opensource OS on it and pray neither of them are fucked. And hedge your future bet by figuring out #OpenFabs hardware just like you figured out OpenSource software.