I am told, by a very involved developer in this field, that these concerns are a bit overhyped, limited to now outdated Via C3 CPUs.
On Wed, Aug 15, 2018, 12:15 AM grarpamp <[email protected]> wrote: > > https://www.tomshardware.com/news/x86-hidden-god-mode,37582.html > > > > Some x86 CPUs have hidden backdoors that let you seize > > root by sending a command to an undocumented RISC core that manages > > the main CPU, security researcher Christopher Domas told the Black Hat > > conference here Thursday (Aug. 9). > > > "This is really ring -4," he said. "It's a secret, co-located core > > buried alongside the x86 chip. It has unrestricted access to the x86." > > > "These black boxes that we're trusting are things that we have no way > > to look into," he said. "These backdoors probably exist elsewhere." > > > Mode enabled by default. You can reach it from userland. Antivirus > > software, ASLR and all the other security mitigations are useless." > > > https://github.com/xoreaxeaxeax/rosenbridge. > > > On Tue, Aug 14, 2018 at 10:52 AM, Henry Baker <[email protected]> > wrote: > > Why do we even bother encrypting, when our chips are so corrupt? > > > This article strengthens my belief that *all* of our current chips > > have hidden backdoors thanks to Uncle Sam. No wonder China wants > > to design & build their own chips! > > > Anyone who thinks Intel CPU's don't have backdoors... is fucking stupid. > AMD... same, yet perhaps a slightly lesser form of corporate insidiousness. > Same for all cell phone CPUs and baseband processors. > Even "open" ARM and "closed" Apple cores are fully questionable. > Cisco products... fuck all backdoored. > Same for every Cable / DSL / Fiber / WiFi Modem / Router / Point. > IBM Power9... yep, gonna be some secrets in there too. > > Anything with any sort of CPU running any sort of OS... backdoored. > Doesn't matter where or who it comes from or who it's made for... > China... backdoored. > Boeing... backdoored. > > Only interesting thing is who has the keys. > > As said before, you must demand and create... > > #OpenFabs , #OpenHW , #OpenSW , #OpenDev , #OpenBiz > > You have zero trust until those happen. ZERO. > > > That 20 key dimestore calculator on your desk isn't backdoored. > If you're lucky. > > > Publishing the backdoors in Intel's products, and > all the others... makes a fine AP crowdfund target. > Because the Wikileaks model so far either didn't get > or hasn't published the scoop. >
