-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/28/2015 07:22 PM, Seth wrote:
On Tue, 28 Jul 2015 15:40:55 -0700, oshwm <oshwm@openmailbox.org> wrote:
So is anyone working on building an 'openfab' or is it such a big task that everyone just backs away in horror? :D
My understanding is that the capital costs involved with building and operating a chip fabrication plant are astronomical, although the situation may be getting better. [1]
[1] http://spectrum.ieee.org/semiconductors/design/the-new-economics-o f-semiconductor-manufacturing
If
a market is willing to pay enough to support and grow the project, it can be done. Are there potential partners and large scale consumers for "top security through total transparency" to make an open hardware project viable today? One potential route would be to broker a deal to pool the resources of specialty hardware integrators who already have a market base for high security "solutions." The Open Office project pulled off something similar years ago, obtaining major funding and support from IBM and others who wanted Microsoft out of their hair. So, who wants a shot at defending some of their digital assets from outfits like NSA and GHCQ, badly enough to pay for it? The first place I would start shopping this "crypto anarchist" project around would be State security services - pretty much any small to mid-sized outfit not in BRICS or FVEYE could be a potential market for auditable scrambler phones for military commanders, senior elected officials, diplomatic corps and double-nought spies. From there to high performance servers and workstations would be a natural progression. I haven't looked at how the Black Phone folks are doing lately, but that looks like the kind of product line where open hardware might find its first viable home. Another consideration: One needs not necessarily own the facility where the chips are made: ISO quality assurance programs already in place support client access for audit and validation. A contract that specifies the client's intrusive presence during every phase of production and handling would cost extra, but a QA process that assumes the presence of hostile actors on the shop floor is definitely possible. Such a process would also be needed at a dedicated facility: One must assume the presence of hostile actors there, too. :o) Steve -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVuC2NAAoJEDZ0Gg87KR0LBwoQAIJfgVPARltMa8b/sMMnpe3G IO4aJd65b/24P6zLvngnpb+uy1Lo/7JwbWc2bNY6lbCEEUVRiZHYywSPeRvMf7zu T1WZzZnBVvCMv7m/3rO1J3g+6ImvX0bCvbrn3yi2W14J1K4cBYOFJ9f0yYFH2rPi HTL7Zboraazm4s3isgk5KJq2dIO69eXUartrGoVDuTzeO/L3nKNVCn262b3HdmGe UyFamR25s8sY10y8BLnerRqOlWM2ZDdsKtbycyz73igfUDVlx3t+0KAWNMI59JDc AumjXP+WqNexU0/Cm244hcu6hEEtsexBUAHzdy3l148YPoRbB8ZkZyhyRCCvz48U T2F6eGJMy0ACv5pfOBB4WmRgYGlQzscMPJkGYGOyz1iOhCb1fc+06nDGF8mwsrqp FI8MVumrVr2WE6jW4cX13dQ7x0RRzZzL3tBbPJ0I2c9Nz4MvkDe9pAZHFGQPiMHv Prw+MjWBsmAOIKmKCGKA3b41JY8SX6OXGTarjenyfic1QcmhsyEUkXzhfIGUD0+6 8TDKxamo57NZXNueNkaJdS/zb4sdyfRHR1WzsbQziqB3b/2OYoq6CmIM8mAUZXm1 6jKF5FENIvIx9JOxA4l2tBTZgWzEb5WaNVi0Ok4qs4ilKaYEEnvk2p8eatnZFX56 Jqg+hScNrbW8tVfQWS/9 =hdOW -----END PGP SIGNATURE-----