GNU Linux-libre 4.15-gnu Deblobs Two New Drivers, Drops More Upstream References


  • #51
    Originally posted by phoron View Post
    How will they show you? How can you tell the hardware you got is by the design they posted? If it is at all possible it must be expensive as hell.
    Buying hardware (as opposed to building it yourself down to the silicon, assuming that's even possible) means you're hosed. From there is
    all way down to mitigate risks. You'll never be sure. I'm somewhere having a draught now. The forecast tells it's going to rain and snow in a few hours.
    So I'm happy, but a meteorite could fall in 5 minutes. So what?
    The reality is a lot of these blobs are running in CPU/microcontroller units (stuff that is fully Turing complete and could be made to do anything). Like Intel ME. Also when people do reverse these the instruction set is normally found out anyhow.

    So a lot of this is no different to open sourcing an operating system. You don't even need to give away the complete ASIC. Giving away the general circuit overview, the instruction set in the blob and the source of what is in the blob allows people to work out if the blobs they are supplied with are helpful or harmful.

    Also telling if hardware is per design there are few ways of confirming. Blackbox assessment, where you know the instructions going in, you know the circuit that is meant to be inside, so you know what the responses should be. If they are not, the chip is not valid.

    Destructive assessment
    If you read ExtremeTech regularly, you will have noticed that we love die shots -- close-up photographs of the transistors, wiring, and other circuitry at the core of every digital computer chip. How are these beautiful photographs taken, though? Well, I'm glad you asked, because you're about to find out.


    What is surprising is that the costs are not insane; it's cheaper to disassemble and confirm than a lot think. Costs will also level out when we hit the silicon limit.

    This is why there is so much IP theft, because it's not that hard to dissect your competitors' chips and clone them.



    • #52
      Originally posted by oiaohm View Post

      The reality is a lot of these blobs are running in CPU/microcontroller units (stuff that is fully Turing complete and could be made to do anything). Like Intel ME. Also when people do reverse these the instruction set is normally found out anyhow.

      So a lot of this is no different to open sourcing an operating system. You don't even need to give away the complete ASIC. Giving away the general circuit overview, the instruction set in the blob and the source of what is in the blob allows people to work out if the blobs they are supplied with are helpful or harmful.
      I hope I'm not overgeneralizing, but in the end the problem is we insist on consuming ever more complex technology without giving ourselves time to collectively analyze it and understand it. This gives the advantage to those that spent some years developing it before launch. They could share knowledge (all or part) with the community, but they are kept fed by people changing hardware every 2 years so that they can keep wasting it on insane JavaScript, or antiviruses chasing viruses, or whatever. We don't know what they give us, but we happily take it and even boast about having the latest gizmos. If we weren't so innovation-addicted and products had a longer life, then we might either collectively analyze/reverse engineer or collectively design, and the hardware business would be in having fabs and maybe changing gate size and yield, but not IP blocks. Well, there would still be business in IP blocks, just as there is business in free software, but very different than now.

      Also telling if hardware is per design there are few ways of confirming. Blackbox assessment, where you know the instructions going in, you know the circuit that is meant to be inside, so you know what the responses should be. If they are not, the chip is not valid.
      How does this work? I understand that (a little) for combinatorial logic or analog circuits, but how do you even know they're only that?
      If a chip does USB and has a keylogger that stores keypresses and offloads them when it gets some secret input, or something like that, how do you analyze this functionality no one told you is in there? There are USB keyloggers in dongles, how do you know your, say, USB PHY does not have one integrated, even if it really also works as a USB PHY?

      Destructive assessment
      https://www.extremetech.com/extreme/...-own-die-shots

      What is surprising is that the costs are not insane; it's cheaper to disassemble and confirm than a lot think. Costs will also level out when we hit the silicon limit.

      This is why there is so much IP theft, because it's not that hard to dissect your competitors' chips and clone them.
      Well, when I wrote that I was thinking more about individuals and this looks expensive, but yes, it could be done in a more collective way. Taking the paranoia all the way, you could remember agencies altering hardware at customs, so even if your community has checked a certain hardware model is safe, how do you know the specific piece you got is the same they analyzed? I mean if you are going to buy 1000 units of something, you can buy 1010, break down 10 random samples and spend the time to check they look legit.
      But if you are just buying 1 unit, then you have to buy 2 and break down one. The cost is still too much (pay double the price and the work of analyzing). It is more profitable to do when intending to steal IP than to protect from antifeatures.

      I really wasn't meaning this level of paranoia. I just meant that you can have your normal market confidence in a vendor up to the present, even without factual info, just because of what you've heard of them, or so on. But you don't know if you'll lose it in the future, the day after you buy from them there may be some scandal. If the hardware requires proprietary firmware loading you are quite tied to update the firmware forever, perhaps not strictly so, but in the normal workflow of the parties involved, it ends up either not working (linux-libre) or being replaced by the latest version.

      So you end up kind of buying a service, not only a product. That gives the opportunity to the vendor to screw things later or fix something, but it also would cost them money after sales, so there is not really much support to expect to really fix bugs (if you are Amazon and they expect repeating sales, maybe they will, if you're Joe Sixpack, maybe they won't, or they'll give you their leftovers fixed for Amazon). The vendor has already got your money and they won't get any more for fixing bugs. They may get more money if someone else pays them to spy on their customers, or if they brick your device to get you to buy another, or some nasty other reason. Or they may save money if they don't spend so much on security (or require it of subcontractors) that someone can't crack into them, or save on lawyers so that they can resist government pressure (not always possible, of course). It's not a very interesting service to have.

      Yes, you as the individual user could go to the trouble of isolating the first firmware version you can get and works and making sure you never update to a later one. That does not have to be equivalent to the firmware you would get in ROM, but at least may not be a neverending stream of firmware changes. But it's just a troublesome workaround, I still prefer to buy something that is finished for good or bad, and forget about what the vendor may or may not publish afterwards, so I still prefer proprietary firmware in ROM than uploaded. Of course I prefer still more uploaded free firmware (by the vendor or reverse engineered). But the chance to buy something that will get reverse engineered software is slim, in general, and it's still kind of rewarding a vendor that does not publish free firmware themselves, so it is not so attractive (maybe OK for second hand hardware?).
      Last edited by phoron; 04 February 2018, 07:34 AM.

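Added example, not part of any post in the thread: the hypergeometric arithmetic behind the "buy 1010, break down 10 random samples" plan discussed above, showing how the odds of catching a bad unit depend on how many units in the lot are bad. The function names, the 10% bad-unit figure and the 90% confidence target are assumptions chosen for illustration.

```python
from math import comb


def detection_probability(lot_size: int, bad_units: int, sample_size: int) -> float:
    """Chance that a random sample (drawn without replacement) contains
    at least one bad unit, assuming teardown always recognises a bad unit."""
    if not 0 <= bad_units <= lot_size or not 0 <= sample_size <= lot_size:
        raise ValueError("bad_units and sample_size must be within the lot size")
    # Hypergeometric: probability that every sampled unit is a good one.
    miss = comb(lot_size - bad_units, sample_size) / comb(lot_size, sample_size)
    return 1.0 - miss


def min_sample_size(lot_size: int, bad_units: int, confidence: float) -> int:
    """Smallest number of units to tear down to reach the given confidence."""
    for n in range(lot_size + 1):
        if detection_probability(lot_size, bad_units, n) >= confidence:
            return n
    raise ValueError("confidence not reachable (no bad units in the lot?)")


if __name__ == "__main__":
    lot, sample = 1010, 10
    # Batch-level problem: roughly 10% of the lot is counterfeit.
    print("10% bad, 10 samples :", round(detection_probability(lot, 101, sample), 3))
    print("samples for 90%     :", min_sample_size(lot, 101, 0.90))
    # Targeted problem: exactly one unit in the lot was altered.
    print("1 bad, 10 samples   :", round(detection_probability(lot, 1, sample), 4))
    print("samples for 95%     :", min_sample_size(lot, 1, 0.95))
    # Single buyer: buy 2, break down 1.
    print("buy 2, break 1      :", detection_probability(2, 1, 1))
```

Sampling is effective against a lot that is substantially bad and close to useless against a single altered unit, which is the gap between the two positions in the thread.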


      • #53
        Originally posted by phoron View Post
        Well, when I wrote that I was thinking more about individuals and this looks expensive, but yes, it could be done in a more collective way. Taking the paranoia all the way, you could remember agencies altering hardware at customs, so even if your community has checked a certain hardware model is safe, how do you know the specific piece you got is the same they analyzed? I mean if you are going to buy 1000 units of something, you can buy 1010, break down 10 random samples and spend the time to check they look legit.
        But if you are just buying 1 unit, then you have to buy 2 and break down one. The cost is still too much (pay double the price and the work of analyzing). It is more profitable to do when intending to steal IP than to protect from antifeatures.
        The process is random sampling. So you don't need everyone to do it. You do need the threat that someone will. Humans don't maintain quality unless there is a big threat of being called out on it.



        Really reading up on BadUSB tells you why allowing a reversed firmware could be particularly bad. ROM or signed does make sense. Problem is we need vetted signed.

        Please note BadUSB does not use OS blobs; instead it uses a write to device flash to make a persisting infection. This is where deblobbing is wrong. It's in fact better to have more blobs and fewer flash chips so that the OS does in fact have control over more devices' firmware.

        Note I did mention two methods. The non destructive blackbox. http://citeseerx.ist.psu.edu/viewdoc...=rep1&type=pdf

        You can perform blackbox without any documentation and you do not destroy the thing. But if you do have documentation of what is meant to be inside the chip and how it is exactly meant to react you can write detailed blackbox-style diagnostics on it. If the chip has JTAG or equivalent, as long as the vendor is providing valid information, confirming what is in the internal ROMs and other things of a silicon chip can be possible. ROMs you cannot see from the operating system normally.

        For those building hardware not having enough details is a big problem.

        https://hackaday.com/2016/02/01/ftdi...e-chips-again/

        Yes, there are counterfeit silicon chips out there. And we don't have enough details from hardware makers to always know, as a device maker, if the chips you have bought are counterfeit silicon chips or not. This is a big problem when we hit the absolute limit and we get more fabs at the same high performance nanometer. So when a fab needs to fill production quotas to cover costs, making counterfeits is not off the cards, particularly when in some countries where fabs are it's not illegal.

        The problem of not being able to validate silicon and the contained ROMs applies to device makers like Gigabyte and to end users like us. So there are parties ordering millions of parts who could do random sampling on a vendor just to make sure they are not getting a batch of counterfeits. Counterfeits can be chips from the genuine plant that just failed quality control; of course the quality control process is not documented.

        Really, silicon makers, work out how to provide us with the information so that we can confirm if we have your product or not, because one day if you don't make a system like this, expect to be flooded with counterfeits, or for us as end users to have a growing number of BadUSB-like devices.

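Added example, not part of the thread: a simulation of the documented black-box check described in the posts above, comparing a part's responses with its published behaviour, together with the objection raised against it that undocumented internal state can go unexercised. The 16-bit ALU, the three part classes and the operand values are all constructed for illustration and model no real chip.

```python
import random

MASK = 0xFFFF


def spec(op: int, a: int, b: int) -> int:
    """Published behaviour of a hypothetical 16-bit ALU (the documentation)."""
    if op == 0:
        return (a + b) & MASK                 # add, wrapping on overflow
    if op == 1:
        return a ^ b                          # xor
    return ((a << 1) | (a >> 15)) & MASK      # rotate left by one


class Genuine:
    def run(self, op, a, b):
        return spec(op, a, b)


class Clone:
    """Constructed counterfeit: its adder saturates instead of wrapping."""
    def run(self, op, a, b):
        return min(a + b, MASK) if op == 0 else spec(op, a, b)


class HiddenState:
    """Constructed part with undocumented state: it matches the spec until
    it has seen one specific operand pair, then flips the low output bit."""
    def __init__(self, magic=(0xBEEF, 0x1234)):
        self.magic, self.armed = magic, False

    def run(self, op, a, b):
        if (a, b) == self.magic:
            self.armed = True
        out = spec(op, a, b)
        return out ^ 1 if self.armed else out


def blackbox_check(chip, vectors: int = 10000, seed: int = 1) -> int:
    """Drive random stimulus through the part and count responses that differ
    from the documented ones. Zero means no deviation was observed."""
    rng = random.Random(seed)
    mismatches = 0
    for _ in range(vectors):
        op, a, b = rng.randrange(3), rng.randrange(MASK + 1), rng.randrange(MASK + 1)
        if chip.run(op, a, b) != spec(op, a, b):
            mismatches += 1
    return mismatches
```

The clone fails within a handful of vectors, while the part with hidden state passes unless the test plan happens to include its one operand pair out of 2^32, so a clean black-box result is evidence about the behaviour that was exercised and nothing more.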