On 1/11/16, Blibbet <blibbet@gmail.com> wrote:
... The physical protections mentioned above do not, however, resolve the problem of the attackers subverting the laptop hardware at manufacturing
USB Armory has schematics available, and you can verify the (locked) bootloader on it as well. verifying these schematics, that's a bit more difficult. (for another thread :)
or shipment stages. This includes, naturally, a potentially conspiring laptop vendor.
i get my Armories from Josh, in person, and he's legit. i haven't ruled out tampering in the bulk shipments he gets, however. (ongoing... :)
In order to address this latter problem we – the industry – need to come up with reliable and simple methods for comparing PCBs with each other. A tool analogical to ‘diff’, only working for PCBs rather than on files.
yup, those are worthwhile techniques. you've got the Gerbers, so to speak, in USB Armory, and could do a limited run yourself with a local vendor (local meaning maybe only a couple states away, depending.) best regards,