Just saw The Linux Experiment YT his Linux Open Source NEWS video at 01:34 “ADM moves to open source firmware”, searched the net saw news there also where it being said happening by 2026!. Good news with another company moving in the right direction for security and additional privacy!
A link to such news would be nice that people can validate such news. However that’s true in this case. Here’s an AMD source.
If true, this is fantastic!!!
Too bad, nothing about opening the source of the “trusted execution environment subsystem” of the PSP firmware “Platform Security Processor”
Could have been good to get rid of this backdoor
I’m sorry but what should be a good news just pisses me off
I feel they do a magician trick on us : Look at my right hand called openSIL !! (so you don’t look a my left one called PSP)
Here a more complete diagram I made from what they provide, so everyone understand better:
Here what they say with this:
AMD believes one of the ways to attain an improved security posture is to open Silicon Initialization Firmware architecture, development, and validation to the open-source community
If they truly believes this HOW COULD THEY FORGET TO OPEN FU#%*$G PSP ???
From 2017 : https://hothardware.com/news/amd-confirms-it-will-not-be-opensourcing-epycs-platform-security-processor-code
Some work has been done to deal with PSP, but I don’t know how good it is
They didn’t forget, they just came to a different conclusion for possibly many different reasons. And it shouldn’t take away from what they did do.
It’s possible existing contracts prevent them opening up PSP, it’s possible that they plan to see how this first part actually plays out before opening further, it’s possible that they will move away from PSP to something else, there are so many possibilities here.
My guess is it’s likely a combination of things like contracts with governments preventing release of PSP source, and the way around that is to move to something different later, though there’s the risk of losing new contracts to Intel if that is a requirement which could be less profitable for the business so it may not be a feasible path for them.
Realistically I think more pressure could be applied to change government requirements and that would make progress faster than trying to push chip makers. Ultimately chip makers are listening to their largest and most profitable customers.
I didn’t really expect an answer to that rhetorical question
It’s purpose was to highlight the hypocrisy of their political announce :
=> “Hey guys we believe open source is an answer to a better security for all products”
but at the same time
=> “Nope the most sensitive “security” subsystem, must stay closed source on our products”
You can have one way or the other, but not both at the same time
You really belief in marketing speech? I mean it’s not even clear if everything is true what they’re writing on this page (look at disclaimer). OpenSil is something the industrie needs like RiskV and that’s why AMD is creating it in cooperation with other big players. It’s not for us as daily users, but we also benefit, because it’s easier to maintain 1 system instead of OpenSil for Epycs plus AGESA for Ryzens. I think that’s the reality behind that plan.
However, it’s one of the very few moves where all benefits (AMD, industry and end users) and at least we also have a bigger open source foot into the door. This way it’s something that I cannot see negative. And btw, PSP is (on your screenshot) “already broken” - you can disable it on some motherboards as far as I know (not clear if completely or not).
Yes, we don’t know, and there are many possible explanations, and we can only speculate. Perhaps some tech journo should ask them?
Maybe AMD could get rid of the PSP completely. Problem solved.
Unlikely since it currently solves a lack of control problem for those that need/want it.