On Mon, Jun 17, 2013 at 08:16:54AM -0700, Andy Isaacson wrote: > It's true that in the limit, we can never be sure that a given piece of > hardware contains no trojans. However, there are many ways that a > trojan could be implemented which could be found with available > techniques. It would be extremely enlightening to find one such and > publicize it.
The next-best thing next to true open hardware with fully verified toolchain is http://en.wikipedia.org/wiki/Lemote which rms happens to use, or used to use. "Netbook computers[edit] Yeeloong The Yeeloong netbook computer is intended to be built on free software from the BIOS upwards, and for this reason is used and recommended by Richard Stallman as of January 23, 2010[4] and September 2008.[5]" For lower values of professional paranoia (and easier availability) you could probably pick a http://www.coreboot.org/Welcome_to_coreboot supported VIA board with a VIA C7 (with a hardware RNG that is a lot more trustable than Intel's, and also some crypto primitives support) and put FreeBSD or OpenBSD on it. Extra paranoid would keep secrets in an USB dongle (e.g. one from http://shop.kernelconcepts.de/index.php?cPath=1_26 ) Sun released OpenSPARC as source, but unfortunately "forgot" the crypto primitives. There are some options on http://opencores.org/projects which could eventually result into something deliverable to your FPGA core. > So while I agree with your statement that we can never be completely > sure, nevertheless building tools and trying them out is a valuable > field of study. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at [email protected] or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
