Stories
Slash Boxes
Comments

SoylentNews is people

posted by chromas on Monday September 02 2019, @12:02PM   Printer-friendly
from the knock-me-over-with-a-feather dept.

Michael Larabel over at Phoronix got his journalism on to produce this interesting story:

We were tipped off today that AMD's Head of Platform Firmware, Edward Benyukhis, publicly posted on LinkedIn that he is "looking to hire someone with solid Coreboot and UEFI background." If you have Coreboot experience or know someone who is, see LinkedIn for contacting Benyukhis.

Oh, and they're also one of the sponsors for the Open-Source Firmware Conference next week. Does this mean I may actually get to use a computer that isn't about to hit a decade old and without a functional hardware rootkit sometime soon?


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Informative) by RamiK on Monday September 02 2019, @05:13PM (5 children)

    by RamiK (1813) on Monday September 02 2019, @05:13PM (#888890)

    Does this mean I may actually get to use a computer that isn't about to hit a decade old and without a functional hardware rootkit sometime soon?

    Coreboot and libreboot let you deprive the on-die microkernel from ethernet and usb drivers so it can't serve your system on a platter for the fab, fabless and affiliates. However, you still can't be sure about off-spec instructions that prefix the loading of signed & encrypted instructions so you can't run arbitrary (binary) code you haven't vetted. On paper, javascript should still be fine... But of course, we know better than that so that leaves you with a potential backdoor.

    That's where OpenPOWER is different: The AST2500 running the (Open)BMC can be replaced by the vendor with something trustworthy like a DSP with a fixed length ISA and tight real time constraints or that's fabbed on a node big enough for you to verify with an electron microscope.

    For a trustworthy CPU you're basically out of luck until the Mill's "exposed pipelines" become real. That is, when the compilers know how much time each and every operation takes, it will be possible to fuzz for hidden instructions on one core while running dummy threads on the others. So, when you stumble on something that shouldn't be there, a delay will occur that will throw your other threads out of whack. Ideally you'd also want to sample the output with a real logic probe to verify decoding isn't branching independently off the system clock... But that's for the EEs to figure out.

    --
    compiling...
    Starting Score:    1  point
    Moderation   +2  
       Informative=2, Total=2
    Extra 'Informative' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   4  
  • (Score: 0) by Anonymous Coward on Monday September 02 2019, @09:46PM (4 children)

    by Anonymous Coward on Monday September 02 2019, @09:46PM (#888991)

    Do you really think the NSA wants to watch your porn that badly?

    • (Score: 2) by The Mighty Buzzard on Monday September 02 2019, @10:00PM

      by The Mighty Buzzard (18) Subscriber Badge <themightybuzzard@proton.me> on Monday September 02 2019, @10:00PM (#888993) Homepage Journal

      I dunno about his but mine's top shelf stuff.

      --
      My rights don't end where your fear begins.
    • (Score: 2) by RamiK on Monday September 02 2019, @10:25PM

      by RamiK (1813) on Monday September 02 2019, @10:25PM (#889004)

      Do you really think the NSA wants to watch your porn that badly?

      In case you haven't noticed, the internet is going through an ol' school high-seas piracy age with government contractors on all sides buccaneering for profits and lolz and we're all just one leak [arstechnica.com] away from being exposed to their random ransomware worms.

      --
      compiling...
    • (Score: 2) by Immerman on Monday September 02 2019, @10:33PM (1 child)

      by Immerman (3985) on Monday September 02 2019, @10:33PM (#889005)

      Maybe not, but I suspect that they're extremely interested in keeping detailed tabs on everyone in order to spot the 1-in-10,000 individuals that might eventually threaten to bring some democracy to our government. And frankly, I want as many such individuals as possible to slip under the radar until they have a chance to do some good.

      • (Score: 0) by Anonymous Coward on Tuesday September 03 2019, @07:47PM

        by Anonymous Coward on Tuesday September 03 2019, @07:47PM (#889269)

        That's hate speech.
        Why would you want anything different than what has been already planned for you and everyone else?
        Do you think you know better than the cultural experts with degrees in Kweer Studees?