[tor-relays] Exploiting firmware
Roman Mamedov
rm at romanrm.net
Fri Dec 9 09:53:15 UTC 2016
On Fri, 9 Dec 2016 04:17:49 -0500
grarpamp <grarpamp at gmail.com> wrote:
> >> Intel ME/AMT concerns me too
>
> > AMD Family 15h itself is safe.
>
> No one has any proof of that for any modern cpu from any
> maker, featureset irrelavant.
Sure, to clarify what's meant here is "it does not implement the actual
backdoor-like feature (separate CPU-within-CPU running proprietary code and
having super-user rights over the rest of the system and full access to
everything) in the form of 'Platform Security Processor' or 'Intel Management
Engine'". Point is if you wanted a desktop CPU without such feature, there's an
option available today, and you don't have to go back to Pentium 200 to avoid
it.
> They all accept microcode updates, which btw are all encrypted closed binary
> blobs.
Those are applied by your BIOS or your OS.
https://packages.debian.org/jessie/amd64-microcode
https://packages.debian.org/jessie/intel-microcode
You don't HAVE to install those. It's not like they are auto-downloaded from
the Internet directly by your CPU (at least if your CPU doesn't have those
AMT/PSP things :).
> And the chips themselves are fully closed source containing billions
> of transistors. You simply have no idea what's in there and no way to
> economically and publicly test or negotiate to find out and openly publish
> it all.
Sure there still can be subtle bugs and backdoors, but those will need to be
subtle, well hidden, likely more difficult to exploit, and likely having much
less of a "feature set" when exploited. Not to mention the devastating
reputation effect on the vendor if uncovered.
> Billions of secret transistors... billions.
> Not good, and not necessary.
>
> #OpenFabs printing #OpenDesigns
As far as I know there's no fully free and open chip right now which provides
performance expected of a modern desktop or server. There is the TALOS
project[1], but for most people it'll be a non-starter due to price. And even
there from what I see you don't get it made on an open fab. So we need to
choose the least evil option from what we have available, and to me the AMD FX
appears to be a win in that regard.
[1]
https://www.crowdsupply.com/raptor-computing-systems/talos-secure-workstation
--
With respect,
Roman
More information about the tor-relays
mailing list