Ian Cutress muses upon rumors around SiFive, the forerunner of high-performance RISC-V cores.

  • spauldo
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    4
    ·
    1 year ago

    I don’t think it’s so much “security by obscurity” as it’s an issue of a much lower bar for chip production. Intentional back doors or malware represent a huge risk for a product line, so manufacturers won’t put them in without someone like the NSA leaning on them. It’s a simple risk/benefit calculation.

    But the risk is much lower if you can snag a processor design off the 'net, make your modifications, send it off to a fab and sell it under a fly-by-night operation. If it’s ever discovered, you take the money and run.

      • spauldo
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        4
        ·
        1 year ago

        I don’t see it as irrational. You’re thinking about it the wrong way round.

        Manufacturers buy chips from proven sources, where the chip can be traced back to the fab that made it. The entire system of trust is built on the assumption that the chip designers and fabs are trustworthy and that the shady stuff happens elsewhere in the supply chain.

        When the designers can’t be trusted, it breaks everything. Up until now it hasn’t been a problem except in extremely sensitive areas like military equipment - only governments can force a company to risk everything by compromising their own products. But take the risk away - make it cheap enough to design new microcontrollers - and what’s to stop a chip designer from taking money from (for example) the Russian mafia? IoT is huge, everywhere, and Risc-V is ideally suited for it.