Discussion:
[Arm-netbook] bunnie about riscv - NSA in today's CPUs
dumblob
2017-08-03 19:40:05 UTC
https://brmlab.cz/user/jenda/intel

One evil HW comparator and we're all screwed :-(
It was very informative. A lot of the technical matter I did not
understand.
This was a GREAT talk. Thanks for the link.
23.04 The 2 lowermost boxes?
1) PDK / Foundries. The factories in which the chips are made. They're
not open. They're proprietary and there's an implication of trust.
2) Equipment / Raw Materials. The equipment that makes the chips and the
raw materials that go into the chips. All a very cloudy and murky area
that is not open, and very proprietary.
He's basically saying that those that want *100%* open source hardware
would require infinite recursion down to the raw components, which is
impossible. That's the whole point of the talk. The 'impedance mismatch'
thing is a sort of metaphor to describe the unrealistic expectations of
those idealists that want 100% open source hardware. He's saying it cannot
happen today. And BTW I've met Bunnie on several occasions, he's legit,
and you can trust what he's saying to be technically correct. He's the
real deal.
What is a stepper?
A stepper motor. That is, do you trust the motors that move the machines
that made the integrated circuits?
What is fuse?
https://electronics.stackexchange.com/questions/1262/what-are-atmel-fuses
25.15 The 4 lowermost boxes?
* BIOS
* Firmware
* Hidden / fused silicon blocks - Blocks of silicon on the chip that aren't
Intel, AMD, Nvidia, and it's anyone's guess as to what their real purpose
is. That leads to conspiracy theories, as Bunnie said. This is a problem
because if you put a chip like this into an open source laptop, it begs the
question of what would happen if something turned on that section and
started executing code from it? Nobody will know until (A) documentation
is leaked from the company or (B) someone reverse engineers it. Basically
if you use any application processor chip made in the last 5-10 years,
you probably have some hidden / fused silicon blocks doing god knows what.
* Pre-boot microcode - Microcode (https://en.wikipedia.org/wiki/Microcode)
that executes BEFORE your computer boots. This is a big deal, because
everything that happens after this point can be considered suspect.
(similar to how a boot virus would spread because it executes first).
* IP industry practices - Intellectual property used by silicon
manufacturers that is not open. What he's saying is, say that you're a
silicon vendor and you just bought intellectual property from ARM to make
an ARM chip. They're giving you HDL (hardware description language) and
netlists (a large list of the connections to be made in the die), and guess
what, they gave them to you encrypted so that their intellectual property
is safe. You (the guy that runs a third party chip factory) cannot review
or inspect the intellectual property that ARM gave you. The point here is
that unless you're using an open source (RISC-V, etc) core, then using an
ARM isn't really 100% open source hardware.
* Mask trojans & glitches - These are malicious things in the CPU die
itself, that even if you were looking at the silicon die under a microscope
and studying it, you'd still completely miss it. Very nasty but they
exist. Hackaday.com has a lot of interesting articles that break these
sort of things down in layman's terms. Very interesting. Basically
because these exist, there's no way to know that you are really executing
what you think you are executing unless you built the foundry and
supervised the chips being made, and analyzed everything that went into the
manufacture of them. It's a trust problem.
These are all highly complex subjects that hardware engineers like Bunnie
deal with a lot, and other (I'll say idealist) software guys probably have
never thought of. They're important in that when you realize that they're
there, you will then understand how silly wanting 100% open hardware really
is. It's a huge problem that hardly anybody is trying to fix.
Recently the 6502 was completely dissected and recreated, so that's one of
the only fully documented (and I'd say fully trusted) cores out there
today. And that was made probably before I was born. Everything since
that should be assumed to be compromised and < 100% open. Oh, and even
then, the 6502 would have to hook up to OTHER chips like flash, RAM, and
whatever generates the video and handles the peripherals. Those have not
been completely dissected, and could be suspect. Do you see what Bunnie
means now? That's the impedance mismatch.
P.S. my apologies to LKCL and others, I don't have a plain text email
client.
_______________________________________________
http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
_______________________________________________
arm-netbook mailing list arm-***@lists.phcomp.co.uk
http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
Send large attachments to arm-netbook@
Luke Kenneth Casson Leighton
2017-08-04 05:26:03 UTC
---
crowd-funded eco-conscious hardware: https://www.crowdsupply.com/eoma68
Post by dumblob
https://brmlab.cz/user/jenda/intel
One evil HW comparator and we're all screwed :-(
thank you for the link, blob - please don't top-post without cutting context.

l.
