The notion of an extra embedded CPU or two on big Intel chips is not difficult to credit, but where is the postulated entire minix OS loaded from?
If our hosts cannot be trusted not to phone home to folk wearing dark glasses, then would it not suffice to employ a simple embedded host with a small die, such as an ARM, e.g. Beaglebone Black, as a firewall? Buy two, take the lid off the chip on one, to confirm that there's only enough silicon complexity to provide one RISC CPU, and paranoia might be able to be reined in. With a microscope, purely optical or USB, it is not that hard to identify recognisable structures such as ALU, registers, ROM, etc. Any second CPU capable of running a TCP stack would show up.

If that's not enough, then an ethernet sniffer running on unsubvertible low-level 16-bit embedded hardware, running a low-level RTOS, could monitor traffic to the firewall, logging all destination IPs, protocol, etc., revealing unwarranted traffic.

Conspiracy theories are lotsa fun, but if there's a problem with substance, then restoring user control needn't be that hard, I figure.

Erik

_______________________________________________
Dng mailing list
[email protected]
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
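The traffic-logging idea in the message above, as an added example that is not part of the original post: a small C routine of the kind such a monitor could run, pulling destination IP, protocol and destination port out of a raw Ethernet frame and checking the destination against an allowlist. The names `flow_rec`, `parse_frame`, `is_unexpected`, the allowlist approach and the sample frame are assumptions made for illustration; only IPv4 is handled.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* One log record per frame (hypothetical layout, not from the post). */
struct flow_rec { uint8_t dst[4]; uint8_t proto; uint16_t dport; };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Parse one raw Ethernet II frame. Returns 0 and fills *out for IPv4,
 * -1 for non-IPv4 or truncated/malformed input. */
int parse_frame(const uint8_t *f, size_t len, struct flow_rec *out)
{
    size_t off = 14;                          /* dst MAC + src MAC + EtherType */
    if (len < off) return -1;
    uint16_t etype = be16(f + 12);
    if (etype == 0x8100) {                    /* 802.1Q tag: real type is 4 bytes on */
        if (len < off + 4) return -1;
        etype = be16(f + 16);
        off += 4;
    }
    if (etype != 0x0800 || len < off + 20) return -1;
    const uint8_t *ip = f + off;
    size_t ihl = (size_t)(ip[0] & 0x0F) * 4;  /* header length including options */
    if ((ip[0] >> 4) != 4 || ihl < 20 || len < off + ihl) return -1;
    out->proto = ip[9];
    memcpy(out->dst, ip + 16, 4);
    out->dport = 0;                           /* stays 0 for non-TCP/UDP or later fragments */
    if ((out->proto == 6 || out->proto == 17) && (be16(ip + 6) & 0x1FFF) == 0
        && len >= off + ihl + 4)
        out->dport = be16(ip + ihl + 2);
    return 0;
}

/* Returns 1 when the destination is absent from the allowlist. */
int is_unexpected(const struct flow_rec *r, const uint8_t allow[][4], size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (memcmp(r->dst, allow[i], 4) == 0) return 0;
    return 1;
}

/* Constructed sample: TCP 192.168.1.10 -> 203.0.113.7:443 (documentation range). */
const uint8_t SAMPLE_FRAME[38] = {
    0x02,0,0,0,0,0x01, 0x02,0,0,0,0,0x02, 0x08,0x00,   /* Ethernet header */
    0x45,0,0,0x28, 0,0,0x40,0, 0x40,0x06,0,0,           /* IPv4, checksum not verified */
    192,168,1,10, 203,0,113,7,                          /* src, dst */
    0xC0,0x00, 0x01,0xBB };                             /* first 4 TCP bytes: ports */
```

The parser never reads past `len`, so a short or malformed frame yields -1 rather than a bogus record.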
