Debotnet modern processor

So, anyone here figure out how to debotnet their modern processor yet?

web.archive.org/web/20160330215729/http://www.computerworld.com/article/2962325/computer-processors/design-flaw-in-intel-chips-opens-door-to-rootkits.html

Just imagine what this rootkit hacks could do on your processor? then you install libreboot on it.

Other urls found in this thread:

github.com/Cr4sh/SmmBackdoor
blog.cr4.sh/2015/07/building-reliable-smm-backdoor-for-uefi.html
blog.cr4.sh/
twitter.com/AnonBabble

Does anyone know if it's possible to build a VM with an obscifucation layer between it and the processor?

Nope. Piledriver and earlier with AMD, and pretty much anything pre iX-series with Jewtel are botnet-free. Beyond that, de-botnet'ing (or building your own CPU) is virtually impossible.

Memory sinkholing requires ring 0 access.


There are architectures besides x86. Also, you can do some things with FPGAs to realize your own design, but don't expect high performance.

Write a microcode patch that blocks it, there, I debotnetted Intel, now get on it, nerds

SBC thread is over there ->

so basically what you guys are saying is that there's no way to get a completely 100% free and open source system running?

can anything protect me from my cpu (intel cucks)?
is everything i do to protect my privacy useless against this?
is there a SBC that is 100% free of binary blobs?

chinese/mossad chipsets/SoC

There are some completely free devices that us free hardware and free firmware, such as the Ben NanoNote (pic related). Don't know what's available for regular computers though.

I doubt ARM chips are any better.

Only things id trust are powerpc (possibly), MIPS,Sparc, and full retro/embedded chips m68k,PIC32 etc

It's just a meme faggots.

Pretty much all SBCs are use proprietary SOCs based on ARM. Raspberry Pi refuses to even boot without proprietary binary blobs stored on the Videocore GPU.

You'll be sorry we couldn't stop a terrorist attack because we couldn't remotely get into their computer. I wish Linus would stop being a faggot and cooperate with the US government already.

I don't even know if you're jocking.

Sure.

Nope, just like I won't be sorry that the next mass shooting won't be stopped because I didn't support ridiculous gun laws.

Jeez how many more mass shootings do we need to organize before people willingly bend over to gun control laws and more nothing-to-hide botnet hardware?

These goys are starting to piss me off.

Oops wrong forum, how do I delete this?

I kid you not, this guy is doing god work on trying to hack intel x86 processor

github.com/Cr4sh/SmmBackdoor
blog.cr4.sh/2015/07/building-reliable-smm-backdoor-for-uefi.html

based Russian hacker is based

The thing is, this only work for processor that are using SMM as operating mode. I believe there are i5core that uses SMM but I'm not sure whether it also came together with intel ME. If so, I'm not sure this why is this russian guy put a lot of effort into hacking this stuff if there's intel ME in it.

more updates here blog.cr4.sh/

what do you mean? your processor has full access to the virtual machines, just as the kernel has full access to your processes


software only? yes there is a small number of choices.
software + hardware? no. lowRISC might become the first system to achieve it later this year. I think the Ben Nanonote (>>598021) uses a proprietary processor, but this isn't a problem in the Ben Nanonote's case. Everything else in it is libre, which puts it in a similar situation to the Novena laptop in terms of libre hardware+software.

I'm pretty sure those $3000 POWER8 workstation boards are totally free.

Of course! The best way to beat a microcode backdoor is to use hardware that can be phreaked with a passive thermal imaging camera from a mile away!

If they want to fuck you, it's easy for them, anyway.

Pretty sure the Ben Nanonote is all free, at least that was the reason I was given for it having specs comparable to a higher end PDA from the year 2000 (including lack of wifi) when it was released in 2010.

Perhaps he's working on that because it's easier to exploit than the management engine.

Seems like the best way to deal with hardware level backdoors is with hardware of your own.

Just of the top of my head: what if you put your PC in a faraday cage and put a device between your PC and router that only creates a physical connection when you're actually sending/receiving data, to minimize the time you're actually connected to a network.

Ugly af, maybe it's better to find a way to integrate the faraday cage directly into your tower.

Nice try NSA.

That would be cool, and yea, I don't think IO peripherals need to be inside the cage, just the tower.

Well you want to be really sure that your keyboard isn't transmitting either.

It shouldn't be that hard to write a microcode patch, given you have access to a hardware microcode flasher in case you brick it and backups in case you break the chip somehow fucking with the voltage regulators or some shit, it'll be no different than writing a homebrew exploit for a game console really