http://www.bbc.com/news/technology-40326544
A European Parliament committee wants end-to-end encryption to be enforced on all forms of digital communication to protect European Union (EU) citizens. The draft legislation seeks to protect sensitive personal data from hacking and government surveillance. EU citizens are entitled to personal privacy and this extends to online communications, the committee argues. A ban on "backdoors" into encrypted messaging apps like WhatsApp and Telegram is also being considered.
[...] "The principle of confidentiality should apply to current and future means of communication, including calls, internet access, instant messaging applications, email, internet phone calls and personal messaging provided through social media," said a draft proposal from the European Parliament's Committee on Civil Liberties, Justice, and Home Affairs.
(Score: 2) by bob_super on Thursday June 22 2017, @05:53PM (1 child)
I used to sell chips with ARM cores inside to military suppliers.
I was not allowed to listen to the Classified discussions between our Cleared guys and theirs, but whatever was revealed in those briefings did not prevent the chips from being considered in the context of Classified programs.
(Score: 1) by pTamok on Thursday June 22 2017, @08:30PM
You don't say if you worked for ARM, a foundry, or someone else. I'll guess not ARM.
If the foundry using ARM's intellectual property were a trusted foundry, then there's no problem. It doesn't mean ARM processor cores in general should be trusted, it just means that chips built in trusted foundries using ARM's intellectual property might be trustworthy for your purposes, assuming the foundry is trusted by you.
ARM do not sell chips, they sell licences to implement their chip design. Once you have their HDL, you can audit it, but you also need to make sure the implementation in the foundry is trustworthy. Quite apart from someone adding a hardware module that you don't know about in the HDL, there are hardware hacks to compromise chips that are difficult to detect for example: https://phys.org/pdf298789584.pdf [phys.org] . The paper two which it refers should be at http://people.umass.edu/gbecker/BeckerChes13.pdf, [umass.edu] but is now a 404. The Internet Archive has a copy here: https://web.archive.org/web/20140209150713/http://people.umass.edu/gbecker/BeckerChes13.pdf [archive.org] - it is interesting reading.
ARM may well be selling designs without back-doors. But ARM have no control over what you subsequently do to the design.
(By the way, although I'm talking about foundries and HDL, foundries don't actually get to see the HDL - they get layout masks. They key point is, though, that you have to be able to verifiably trust all stages in the chip's manufacture.)