How a months-old AMD microcode bug destroyed my weekend [UPDATED]
Jan Dusatko
jan at dusatko.org
Sat Nov 2 13:51:52 PDT 2019
> None of todays CPUs (and NIC, USB, DISK, PHONE, etc)
> are even remotely trustworthy or trustable.
> So there is zero reason to believe they would get even
> that feature right either, nor do you have any way to
> exhaustively test it. Only way you will ever have one
> bit of open trust as to what is going on in your
> gear is with #OpenFabs #OpenHW #OpenAudits.
1. Provide physical access to your computer means, that this is not your
computer anymore.
2. Plug-in someone else hardware in your computer means, that this is
not your computer anymore.
3. Running someone else software in your computer means, that this is
not your computer anymore.
4. Allow someone else to administer your computer means, that this is
not your computer anymore.
> Ignoring that fundamental truth for the moment...
> the better way would be to feed your homemade radioactive HWRNG
> into the OS PRNG via the serial UART, which is also closed HW.
>
Bad deal. This kind of HW RNG will decrease amount of randomness in
relation of half-life. Also, radionuclides create lot of another
problems. Better to use quantum based RNGs, which will have the same
amount of properties for a long time. Nuclear fision are only one of
possible source with quantum properties. There are also noise of
amplificators, fotoelectric effect, Schottky noise ... Much more
efficient and much safer for use. More, better to follow regular testing
on random number generator based on BSI BSI AIS 2.0/3.1 than the NIST
800-90.
Jan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 2591 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20191102/9c429805/attachment.txt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20191102/9c429805/attachment.sig>
More information about the cypherpunks
mailing list