Self-explanatory thread, for discussing hardware problems or methods of facilitating backdoors, as well as discussion of mitigation.
See also:
INTEL-SA-00086 does not affect the Librem 14 since it uses a 10th generation CPU (Comet Lake), but it affects the entire Librem 13/15 product line.
Most people would think of a backdoor as something that was intentionally put there. Where is the line between bug and backdoor? Is INTEL-SA-00086 a backdoor?
At risk of distracting users from very important issues, is it possible that my post here (Are the Intel NSA backdoors fully disabled on all devices? - #23 by Dlonk) is better served by being moved to this thread?
That being said, after some reflection, I regret my conclusion that sounded as if we should all give up on computer security in that post. Ultimately, I do not believe we should give up. A better way for me to say it is that I believe I will most likely fail, but that it is nevertheless worth trying whenever we have available information that might help us to secure ourselves as best as possible.
This should be an interesting thread.
My first question would be: when you say hardware backdoors, do you mean strictly hardware manipulations or would you also include very low level system firmware like ACM, fsp-m/fsp-s/fsp-t, microcodes, CSME runtime and modules and all the crap necessary to even have a CPU online?
If we should consider low-level firmware acting directly on basic hardware and a possible backdoor there, I would say that anything being open-sourced is the mitigation (scrutiny) and anything closed-source or even totally undocumented should be considered a potential backdoor - and unfortunately we can do nothing about this except being forced to trust third parties we should not trust, because we don’t know if they are working in our best interests or anyone else’s interests.
As for strictly hardware implants or manipulations, who knows? Creativity is endless, ranging from the NSA’s ANT catalog to SMD resistors (or so you think) that tap onto the LPC bus IN/OUT lines between the TPM and the controller and are in fact a tiny SoC spying on TPM secrets as they travel by…
Probably a safe bet, I created this thread to kinda help clean up that other thread anyway. But also needed its own discussion.
Well you normally don’t take the garbage out the front door. Social faux pas with the neighbors. Secondly, the building code may require it.
(Use these as metaphors, of course.)
Hardware, firmware, or exploitation of hardware in an out-of-band method.