Bruce Schneier’s blog. Includes link to slides:
https://www.schneier.com/blog/archives/2018/06/thomas_dullien_.html
Link to video (Google Analytics, etc. on website):
Excellent presentation by Thomas Dullien of Google Project Zero regarding complexity vs security in hardware and software. The presentation is titled “Security, Moore’s Law, and the anomaly of cheap complexity”. I included the Schneier link above as he also provides a link to the slides.
We are often discussing hardware, software, and always concerned with both, thus I find this very relevant to Librem and other hardware.
2 Likes
@shagreen Fascinating presentation, thanks for sharing. Particularly compelling was Dullien’s discussion of the Row hammer exploit to demonstrate the strong link between hardware reliability & security, and the impossibility of designing software that can operate securely on untrusted hardware.
Pretty much validates Purism’s mission to start by freeing the hardware, and focus on selling a device that users can truly control, unlike anything else currently on the market.
On a related note, I hope future iterations of the Librem 13 will offer the option for ECC DDR4 w/TRR memory as a paid upgrade for those interested. (is this on the Librem road map?)