I agree with you, I was just saying that if they really want to intercept our communications, there is nothing we can do. They have the money, they have the most talented brains, and they have the power to do anything they want thanks to the false flag operations they use to change the laws.
Originally Posted by blackiwid
No I disagree with you here, you can hack some high-priority targets with new security holes... but not massive of them. only if every single company every service provider every hoster worldwide would work together with them, they could hack everything.
Originally Posted by wargames
Basicly its a point of how expensive you do make it for them. as example if everybody uses pgp emails... they could not record all mail in a readable way. ok they would still get meta-data. who has contacts with whom... and when and wheres the location of him.
So I try to make it as secure as possible and I do most stuff luke said in his post. But I want at least that such a organisation has to hack me, instead of just having a open backdoor installed. so a person has to invest at least 5-10 mins to hack me, instead a programm that automaticly does that on nearly every maschine worldwide by just logging in...
Is there a demand for further development?
If I look to comments, not much.
You mean as a todo for you?
Originally Posted by eisenhart
While I'm not entirely sure what it all does, is it flashable to a card? Or is it a replacement for the files in /lib/firmare. If so, does it do the stuff normal firmware does? E.g. video decoding acceleration?
Btw, if its a replacement for /lib/firmware, it's not a bios replacement, but a firmware replacement?
All still very exciting.
So if I understand correctly, it replaces the bios on the card, exports the same tables just as atombios did, you extract them from atombios and we still require the propriatary firmware blob in /lib/firmware?
I would love to use it, I should find some old videocards to start testing it, but what's are the supported cards? Yeah a faq would help a lot here
I think it can be the starting point for something beautiful and yeah, it's definitely worth it. Also, one blob gone is still one blob gone.
Even if it isn't that much yet, good news for me.
Binary blobs are obsolete.
Besides all the secret services around the world, just think of SMM. Or TR069 to configure your router remotely. There are a lot of dangerous things in the firmware, some maybe once built with a good intention but now prone to security holes and generally dangerous to the user and system. Open Firmware is more trustworthy in the long term, and once grown also more stable.
Wireshark would bust an NSA backdoor in a graphics card
Here's what would happen if say, Nvidia were dumb enough to use their binary blob to carry a backdoor for the NSA. Let's assume that big blob could more easily do this than the tiny Intel (on chip) or ATI (on disk) firmwares or video card BIOS blobs. Somebody, somwhere, running Wireshark would notice the packets always going out to one server or a small group of servers, possibly because they didn't trust the blob (or the firmware,or their BIOS, or whatever). They could compare with and without the blob(or coreboot, etc) and quickly see the suspicious activity. Open source or closed, concealing network activity from all users is rather like hiding a back door from all users of an open-source program. Instead of source code, someone is surely looking at packets.
Originally Posted by blackiwid
Nvidia and ATI would shit bricks if the NSA asked them to risk installing a surveillance program that could be detected by a random hacker from Anonymous, then revealed in all it's glory to their potential customers. All this assumes the graphics card can even get access to the network, the only thing I ever worried about was passwords echoed to the screen, an unnecessary risk that is always blocked by just about everyone. If Intel does this, it won't be in the graphics but elsewhere-and they'd still have Wireshark, etc to worry about.
If it was constantly sending out packets it would be too obvious. What you need is it to only respond when a request is made of sort. Probably some kind of key. I think the chances are its there, just really really well hidden. But then again, if its not there, they'd probably have a few zero day exploits up their back pockets..