On 19 Dec 2016 23:05 Roman Mamedov wrote: > > It can mess with your apps, OS and > security in all sorts of interesting ways, and you can NOT be absolutely > certain that it doesn't.
No, but you can say the same about any complex system unless you built it yourself. How do you know for sure the processor you are using doesn't have an undisclosed equivalent to ME? If it's been audited, how do you know the company doing the audit isn't compromised? Not much point rehashing the entire Trusting Trust discussion. I'm going to rely on Intel not wanting to sabotage their own company but still wish they would provide better documentation and while I'm at it, an easily accessible jumper or BIOS switch to disable it. Meanwhile, I'll focus on standard security practices such as OS hardening, network firewalling, sandboxing, etc. I'm fully prepared to retract this if actual evidence shows up but at this point all of these have a better ROI against attackers than chasing shadows or worrying about FUD. -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
