Free Advice for FBI/OPM/NSA/DOE: full-disclosure hardware

Tim Beelen tim at diffalt.com
Wed Jun 17 05:59:52 PDT 2015


Has anyone ever established or tried building trust model with any of 
these producers? It's rather hard to invent that wheel. I've heard that 
setting up a foundry is quite a bit of work. And in today's environment 
it is a significant advantage to produce community vetted hardware. So 
we might be able to get a solid business model behind this.

On 6/17/2015 3:27 AM, grarpamp wrote:
> On Wed, Jun 17, 2015 at 12:25 AM, Troy Benjegerdes <hozer at hozed.org> wrote:
>> PCB layout of the server(s) that got hacked.
> The gate counts in the chips moots the PCB.
>
>> 'IP' and such
>> ...
>> because there will be more than just me talking about why we need
>> full-disclosure hardware that you can X-ray and compare to an image
>> signed and hosted by multiple independent and competing nation-state
>> or multinational-corporate level security agencies.
>> ...
>> If your Intel motherboard matches the image signed by IBM,
> Private xraying to validate an individual chip is fine, but does
> nothing for everyone else. If you already have and are validating
> the [somehow open] image, you might as well open-source and
> open-up the entire fab. That way you know everything rolling off
> the line is good. While you may trust the chip to image in your
> hand, do you trust Intel, Huawei, Qualcomm, TSMC?
>
> https://en.wikipedia.org/wiki/Foundry_model




More information about the cypherpunks mailing list