Contributed by grey on from the do you trust your microcode dept.
(Comments are closed)
OpenBSD Journal
Contributed by grey on from the do you trust your microcode dept.
(Comments are closed)
Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]
By grey (207.215.223.2) on
While a completely open system is a lofty and arguably necessary ideal from a security perspective, there is a certain amount of trust that must be given simply due to the environment we currently have. As such, expectations that hardware vendors provide enough documentation and resources so that FOSS can use their hardware is not really asking too much in my opinion.
Comments
By Anonymous Coward (195.122.29.101) on
OpenBSD developers could make ultra-secure processor architecture and make hardware, which would be unltra-supported in openbsd?
That would be supadupa arch for paranoids and obsd fans :D
it will be like this in one day.
Comments
By James (141.154.29.77) on
Really? What's the website address. I wanna peep the specs.
Comments
By Anonymous Coward (24.201.62.155) on
Comments
By Brendgard (69.10.194.180) brendgard@yahoo.com on http://websitegurus.us
Comments
By James (140.247.214.30) on
By Sean Brown (204.209.209.129) on
Comments
By Anonymous Coward (209.52.126.5) on
Comments
By Sean Brown (68.147.170.205) on
I'm sure he did joke about it before, but everyone bashes it over his head now with no proof he ever said it, I'm sure its getting really old now.
By Anonymous Coward (151.188.247.80) on
I do not run wireless at home. I do not run wireless at work (others do, but I don't). The above, and the requirement of proprietary software in my OS kernel to run them, are the reasons why.
As for other hardware, like ATI's and nVidia's newer video boards, I refuse to buy them. Period. I'm not a "hard core gamer" who's likely running Windows anyway; I use my computers to do work. I have no problem with ATI's cards that are fully supported by Free Software and will happily buy older cards which do what I need (read: display X11 at a decent resolution with 3D acceleration enabled). I will not purchase an Intel Centrino-based machine for this same reason; they're not fully supported by Free Software and thus provide me with no benefit over, say, an AMD laptop or Pentium III/4 laptop.
The first thing I check for, in any given piece of hardware, is, "is it supported by Free Software?". If more of us did this before the purchase, and actually stuck by our guns, then we might not have these wireless, video, etc. problems that we have today. Vote with your wallets, folks. My computers, bought and built with exactly this philosophy in mind, are a pleasure to use, so it is possible and really isn't hard.
Comments
By SH (82.182.103.172) on
By Anonymous Coward (213.224.83.135) on
By reksio (194.29.137.67) on
Author's fears about security are somewhat exaggerated.
How sophisticated firmware code should be to pose a security threat?
Intercepting a ssh session would be extremly difficult if not impossible at all. We're rather talking about relatively simple harware here. Moreover, does an operating system really executes this "closed source component"? I don't think so.
Comments
By tedu (67.124.88.142) on
By Anonymous Coward (69.138.29.155) on
Let's see. It has access to your computer bus.
If it is on a same segment as a video card, it can leak all what you see on the monitor. The case of the keybord data going trough the same bus brings nice keybord capture application in mind.
The sofistication of the board may not seem so big, but don't forget that most of the ICs are programable. They can be reconfigured on the fly.
On the other sise it would be unfeasable to develop universal hacking instrument working on all boards and system configurations.
But in turn the possibilities are endless if sufficient information about the system is leaked out and wireless card is approprietly "patched" over the air. This is the before mentioned possibility of the back door.
sanity check:
Most mother boards don't route keybord information over the periferial bus. Most MBs also have the video card build in so the data should not go trough the external bus either.