On 05/07/13 17:26,
inf...@gmail.com wrote:
> On 07/05/13 16:07, Joanna Rutkowska wrote:
>> ...
>> AFAIU this is an extension of one of the idea described in this post:
>>
>>
http://theinvisiblethings.blogspot.com.au/2011/12/trusted-execution-in-untrusted-cloud.html
>>
>
> "In practice this comes down to also trusting the US government :)"
>
>> ...
>> In any case, this is a very interesting project.
>
> This is a really interesting idea, but a Three Letter Agency is a pretty
> hard adversary, even for TPMs, and even if there is no co-operation from
> the Cloud provider (or CPU mfr)
>
> Apropos, some people might be interested in the legal/policy report
> mentioned in this <
http://www.bbc.co.uk/news/technology-21263321> news
> story. It points out that because of an unnoticed addition of three
> words ("remote computing services") in a 2008 law, US Cloud companies
> can be compelled to install secret permanent facilitates for
> mass-surveillance *inside* the datacentre (in hardware and/or the
> software fabric). Previous such US laws for *continuous* surveillance
> only affected telcos/ISPs (of course PATRIOT s.215 can also be used to
> get at defined chunks of data)
>
Generally, for any OS or computing platform, there remain at least thing
we always need to trust. This is the CPU. So, before we can have open
source, 3D-printed, DIY processors, we will always need to trust the US
government (or any other government where the processor design and
manufacturing is to be conducted).
<digression>
This, of course, brings a question of what processors should be used in
those first 3D printers that will create the first open source
processors? As well as on the desktop computers which will be used for
creation and review of the design? Can they be trusted not to introduce
backdoors into the printed processors?
In practice I think creation of such backdoors would be Very Difficult,
so I personally wouldn't loose much sleep about that possibility. But
theoretically it's an interesting problem of how the mankind cannot
really never(?) fully escape from the trap of proprietary software
hardware...
</>
More on CPU backdoors (if one wants to waste more time on unsolvable
problems, rather doing something useful, such as contributing to the
Qubes OS ;):
http://theinvisiblethings.blogspot.com/2009/06/more-thoughts-on-cpu-backdoors.html
joanna.