[Cryptography] China Spies In SuperMicro Mobos - Exemplar #OpenFabs Required
Thierry Moreau
thierry.moreau at connotech.com
Sat Oct 6 14:45:46 EDT 2018
On 05/10/18 06:04 AM, grarpamp wrote:
> https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies
> https://www.bloomberg.com/news/articles/2018-10-04/the-big-hack-amazon-apple-supermicro-and-beijing-respond
> https://old.reddit.com/r/homelab/comments/9lapzs/big_supermicro_hack_how_many_of_us_bought_these/
>
> And NSA + countries et al in Intel, AMD, Microsoft, Phones...
>
> Fake news or not, you still cannot trust any closed thing.
However, I do not see any ISA (instruction set architecture) for which
the proprietary sub-components are absent or minimized. The matter
becomes worse as the level of system integration increases.
> And the real news keeps coming year after year after year.
> And the closed secrets, so many not ever published to you...
> You fools!
>
> So when will you learn, create, sell, and deploy your
> own proactive defense like...
>
> #OpenFabs , #OpenHW , #OpenSW , #OpenDev , #OpenBiz
>
> These things are possible! And immensely profitable as a feature.
Cost-effectiveness in the short term, and long term procurement
reliability are serious issues.
My best attempt so far is ARM-based, in a SOC configuration targeted at
TV set boxes, for which hobbyist boards are almost cheap, and long-term
support should remain as the consumer market segment is stable. U-boot
and Linux kernel support by the community is good. The vendor claim for
open hardware is an overstatement.
The tradeoff is remaining proprietary aspects, including boot details,
GPU (which I don't use), and crypto accelerator (which I don't need
given the main CPU power).
> Do them.
> Now.
>
- Thierry
More information about the cryptography
mailing list