Did you know there's likely a cryptographic lock on your computer that can prevent you installing whatever OS you choose (likely if it was made in the last 2 decades)?

For Intel it's called Intel Management Engine; for AMD it's called AMD Platform Security Processor.

These are closed environments isolated from the rest of the machine that perform security checks on the OS as it is booting.

State and capital know personal computing is a double-edged sword and can give proles too much power, so they've been quietly building locks at the core of your computer so you don't understand the freedom that is being taken from you.

When activated, it would be trivial to outlaw any OS that isn't government approved, like already happens in North Korea.

The only way I can think of to get around this is to support Open Source Hardware projects, especially those building open source CPUs and full motherboards. There are very few of them, but most seem to be building on the RISC-V standard instruction set.

#OpenSourceHardware #RISCV #Anarchism #NorthKorea #Capitalism #IntelMangementEngine #AMDPlatformSecurityProcessor

@ambiguous_yelp Also projects like CoreBoot and LibreBoot are a godsend. If someone has for example an older ThinkPad or a Dell laptop, it might be worth a shot installing an open BIOS like. As far as I know this completely gets rid of the IME or the AMD equivalent.

@eli_b_rarian

I want everyone with compatible hardware to be able to do this, I mean everyone - if you need to be tech literate to install a different OS then not everyone will have that freedom. It is on those of us with tech literacy skills to develop tutorials and guided workflows/wizards.

#Ableism #Capitalism #Anarchism

@ambiguous_yelp
I had no idea. But now I know. And it looks like:

If the firmware (including the Secure Boot keys and related security components) is never updated, then the OS would generally remain bootable under the existing trust configuration, even if the OS later becomes "unapproved".

@Azuaron I'm at the stage now where I've heard enough about this movie from the circles I'm in that I'm starting to trust it will be a good movie.

Also I like Mr. Robot so I bet I'll like this.

@ambiguous_yelp Oh boy. So, I love Hackers because it was a big part of my childhood. I don't know that I can say it's a good movie. Keep your expectations in check, appreciate the cheesiness, and there's a chance you'll have a good time.

Then Hack the Planet.

@ambiguous_yelp
Do you have proof of this?

@light Which part? The existence and function of IME and AMD-PSP are simple to research.

@ambiguous_yelp Wikipedia says that AMD-PSP is a perfectly normal TEE: https://en.wikipedia.org/wiki/AMD_Platform_Security_Processor
It says "critics worry it can be used as a backdoor", but only cites this to back it up: https://www.eteknix.com/expert-says-nsa-have-backdoors-built-into-intel-and-amd-processors/ which contains a disclaimer from the original researcher saying they misinterpreted his research.
Do you have any evidence to suggest that there actually are backdoors in our computer hardware?

@light It's proprietary software, it's guilty until proven innocent. It's black box code that no one but people with a financial incentive toward it can verify what it does.

#FLOSS #Surveillance

The right thing for the wrong reasons: FLOSS doesn't imply security

While source code is critical for user autonomy, it isn't required to evaluate software security or understand run-time behavior.

Seirdy’s Home

@light FLOSS doesn't imply security but Proprietary implies insecurity. The reason FLOSS appears to have more security problems is because everything is in the open so the problems can be fixed. The security problems you have to worry about are the ones that you don't know about.

#FLOSS #Security

@ambiguous_yelp
>Proprietary implies insecurity
It doesn't, apparently. I'm not an expert but that article describes how people can detect backdoors and vulns with black-box techniques without access to the source code.

@light It's easier to detect sec vulns when you have access to the source code.

@ambiguous_yelp True. But apparently it's still possible when you don't, contrary to your claim that "no one but people with a financial incentive toward it can verify what [proprietary code] does" and "Proprietary implies insecurity".

@light Ok, it doesn't imply it, but it's still much much harder to make proprietary code secure, not least because it's easier for govts to force backdoors into proprietary code. Let's say researchers found a backdoor in the TPM chip, or the companies are suddenly forced to add one by the govt, cool, how long has it been there and what are you going to do now? Buy another board? It makes more sense to be resilient against threats like that way ahead of time.