Conversation

Notices

pistolero (p@fsebugoutzone.org)'s status on Thursday, 20-Feb-2025 11:15:52 JST pistolero
@Suiseiseki @dj @ins0mniak @lanodan @phnt @ryan

> Yes, the attacker just exploits each of the 4 backdoors in sequence.

The joke is that the nation-states involved have compelled the manufacturer to put backdoors into the software and that the architect of that network is relying on adversaries not sharing secrets with each other.

That is, the joke is that proprietary software is assumed to be compromised by state actors and he hopes to work around this by relying on the state actors' adversarial relationships.

> You'd really want to use an KGPE-D16 GNUbooted systemd, as the Opteron 62XX processors appear to not even come with a backdoor processor.

I don't think they make GNUboot for ARM SOCs/SOMs.

In conversation about 2 days ago from fsebugoutzone.org permalink
- 翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Thursday, 20-Feb-2025 11:16:53 JST 翠星石
  in reply to
  @p @dj @ryan @phnt @ins0mniak @lanodan >the joke is that proprietary software is assumed to be compromised by state actors and he hopes to work around this by relying on the state actors' adversarial relationships.
  Yes, I saw that immediately, but a good joke doesn't rely on false premises that cause the security to totally fall apart, which is what I was pointing out.
  
  >I don't think they make GNUboot for ARM SOCs/SOMs.
  Those are future targets, but for ARM stuff coreboot is not relevant, you need a free version of u-boot instead.
  
  In conversation about 2 days ago permalink
- pistolero (p@fsebugoutzone.org)'s status on Saturday, 22-Feb-2025 07:55:31 JST pistolero
  in reply to
  @Suiseiseki @phnt @dj @ins0mniak @lanodan @ryan You wouldn't need to reverse a RISC-V.
  
  In conversation about 9 hours ago permalink
- 翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Saturday, 22-Feb-2025 07:55:32 JST 翠星石
  in reply to
  @phnt @dj @ryan @p @ins0mniak @lanodan >ARM booting is such a mess that it's very likely not worth the effort.
  ARM booting is bad, but certainly isn't as bad as booting AMD64.
  
  >Every SOC manufacturer does their own thing without publicly publishing the specs for it.
  The 2 AMD64 CPU manufacturers also do that and it seems that reverse engineering an Aarch64 SoC and writing free init would be easier than reverse engineering a AMD64 CPU and chipset.
  
  In conversation about 9 hours ago permalink
- Phantasm (phnt@fluffytail.org)'s status on Saturday, 22-Feb-2025 07:55:33 JST Phantasm
  in reply to
  @p @dj @ryan @Suiseiseki @ins0mniak @lanodan
  
  >I don't think they make GNUboot for ARM SOCs/SOMs.
  ARM booting is such a mess that it's very likely not worth the effort. Every SOC manufacturer does their own thing without publicly publishing the specs for it. For example even the reset scheme and vector are implementation specific. At least when you get out of hardware bootstrap, things are somewhat normal, but at that point it's already the bootloader's job to boot the system, the firmware has mostly done it's thing.
  
  And from what I know about RISC V, they haven't learned from this.
  
  In conversation about 9 hours ago permalink
- 翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Saturday, 22-Feb-2025 07:56:12 JST 翠星石
  in reply to
  @p @dj @ryan @phnt @ins0mniak @lanodan RISC-V is merely an instruction set reference with some sample hardware designs, which really need to be shoved into a SoC and then manufactured if you want to use them.
  
  Just because an instruction set is documented doesn't mean that the init required for the SoC won't be absolutely proprietary and require reverse engineering.
  
  All fast RISC-V SoC's I've looked at (i.e. with DDR4) use proprietary software for RAMinit.
  
  In conversation about 8 hours ago permalink

Public

Notices

Feeds