I am fucking scared of the mass surveilence nightmare direction that the internet and the world as a whole is going towards… C2PA, france hacking itself into citizen phones, the UK anti encryption law, EU’s chat control, etc. Im also sick of and hate the “you will own nothing and be happy” mentality that corpos try to push. I dont wanna know how the world will look like in 5-10 years.
Idk what you’re talking about, it’s been done plenty of times?
Plus we dont even really know what new “Security” tech their cooking up nowadays. Especially with in-house chips like Apple M chips.
Meltdown Redux: Intel Flaw Lets Hackers Siphon Secrets from Millions of PCs
This is why we need RISC-V.
Even phones have security chips in them these days.
Fun fact: Intel introduced the Management Engine right around the time they joined the NSA’s PRISM program.
A “security chip” is just any trusted hardware secure element that is tamper-proof and holds a manufacturer key, right?
Some implentations are going to have that as an available peripheral, and some are going to have it as in charge of the whole system, and one of those setups is fine.
Or I suppose it is fine until a lot of people actually use it. Then it starts to become a problem for people who don’t feel like consenting to putting on whatever handcuffs people want to use the system to know that they are wearing.
I feel like the management engine card is sneakily changing the threat model in the middle of the conversation.
Is it bad? Yes. Is it a big source of security holes? Absolutely.
Is it a way that Facebook is going to profile you to try and sell you to advertisers? Or a reason why you can’t ditch Windows? No.
What does ditching windows have to do with security chips? OS sits above the hardware so that does not make sense. Any linux distro is just as susceptible as it stands.
No ones worried about social media companies messing with your hardware (not yet). That’s off-topic. Besides, legally nothing stops Intel or AMD from just selling the harvested data to Fb or whoever so that point is kind of moot too.
Actually news just broke as I was writing this and guess what. Now there is a bug allowing browser exploitation of the CPU using… Javascript! What a time to be alive…
https://arstechnica.com/information-technology/2023/07/encryption-breaking-password-leaking-bug-in-many-amd-cpus-could-take-months-to-fix/