Announcement

Collapse
No announcement yet.

Developer Warns Of "Uncorrectable Freedom & Security Issues" For x86

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    How do you expect to sell a GPU for a not-yet-ready workstation if nobody produces it anymore?
    ## VGA ##
    AMD: X1950XTX, HD3870, HD5870
    Intel: GMA45, HD3000 (Core i5 2500K)

    Comment


    • #12
      So we can reverse engineer these blobs?

      Comment


      • #13
        Originally posted by Goddard View Post
        So we can reverse engineer these blobs?
        I don't think so, the code actually runs on an embedded processor before the OS runs. Even if a driver could be developed for the embedded processor you can't bypass the binary code that runs before the OS boots.
        Last edited by duby229; 04-05-2016, 10:57 AM.

        Comment


        • #14
          Originally posted by tuuker View Post
          1: infiltrate Intel labs and take blueprints for x86 and produce CPUs on country where patents do not apply 2: someone should steal this microsoft or any other company secure boot key generator or full source code for these blobs.

          Freedom must be gained back with any means, enough of this locking everything.
          We already have secure boot keys. Microsoft gave some to a few Linux distros, and they can be used to chainload anything else.

          Btw, I thought IME could be disabled in almost all BIOSes, and was infact not enabled by default.

          Comment


          • #15
            Originally posted by carewolf View Post
            We already have secure boot keys. Microsoft gave some to a few Linux distros, and they can be used to chainload anything else.

            Btw, I thought IME could be disabled in almost all BIOSes, and was infact not enabled by default.
            SB must be enabled on machines sold with Win8+ by default

            Comment


            • #16
              Fortunately there are enough pre-2009 Thinkpads and BIOS-based workstation PCs on eBay to last me a few more years. And by then, I hope there might be ARM, MIPS, POWER or open-source hardware that is actually fast, works with mainline kernels, and works with a free graphics driver...

              Comment


              • #17
                For now the solution is to stockpile. If a police raid wiped out my stock of pre-2013 AMD hardware, I could have someone not known to the authorities order more over Ebay. Ordering it myself would be more dangerous than using the current hardware as the FBI would then have the option of intercepting hardware going to a known adversary for installation of malicious firmware or chips.

                A $3,000 POWER setup is worth more than all my assets. If I could not avoid the newer machines, I would have to split them up: video editing and storage on never-networked machines bought randomly with cash, networking done with other machines using read-only filesystems, destructable media to move files between them. Malicious firmware cannot exfiltrate your disk key over a network if there is no network, and exfil by flash drives to another networked machine is complex enough that mass produced firmware probably would leave it out.

                This is important because the NSA had decided to open their database to law enforcement, meaning ALL disfavored activity now has the NSA and not just Secret Service or the FBI as the adversary so far as securing encrypted media and messages is concerned.

                Thanks for what amounts to a warning never to use recent x86 boards for any machine that is both encrypted/has read-write storage of sensitive data and networked. An insecure x86 laptop with TAILS plus an airgapped video editor would be tough to defeat even with malicious firmware unless retail machines sold to off the shelf to all buyers had a keylogger writing to disk turned on all the time. That would almost guarantee detection by users of forensic file recovery software.

                For now I will keep my old BIOS boards and AMD can keep their replacement for Bulldozer and Phenom until someone cracks their firmware and releases the keys.

                Comment


                • #18
                  Originally posted by stevenc View Post
                  Fortunately there are enough pre-2009 Thinkpads and BIOS-based workstation PCs on eBay to last me a few more years. And by then, I hope there might be ARM, MIPS, POWER or open-source hardware that is actually fast, works with mainline kernels, and works with a free graphics driver...
                  Tell RMS to make you an open-Risc based superfast/lowpower CPU.

                  Comment


                  • #19
                    This might be a good time to mention a fully open source processor, implementing the free open instruction set RISC-V:
                    https://www.ethz.ch/en/news-and-even...processor.html
                    http://www.pulp-platform.org/
                    http://riscv.org/

                    And open source GPU:
                    http://miaowgpu.org/

                    Now having an BIOS/UEFI alternative and platform specification would allow to start building completely open source hardware systems.



                    Comment


                    • #20
                      Originally posted by nanonyme View Post

                      SB must be enabled on machines sold with Win8+ by default
                      And it MUST also be disablable. Are you confusing IME with SB?

                      Comment

                      Working...
                      X