You would need to go back to ~2005-era Intel x86 CPUs to have x86 without a backdoor baked into the silicon (as far as we know), like Pentium 4. The Core 2 / Q6600 / P35 chipset already had an early version of it. Wikipedia says AMD added their equivalent, the Platform Security Processor, around 2013, so their best CPU from 2012 would be the FX-8350.
I mean technically there's nothing they can do that SMM couldn't - introduced in a revision of the 386. It's code running with system permissions invisible to the "parent" user code and OS.
You're already pretty much trusting the same people then as now, at least if they are "actively malicious".
Because of the SMI/ACPI/Intel Management Engine/AMD Secure Technology/UEFI, and optionally AMT-complex, where usually only parts of can be deactivated partially, but never all of it.
It's actually more bad than the above mentioned ARM-stuff, which is misinformed(maybe because of raspberry piish broadcomisms, or locked down dumbphones), because on ARM, you either can disable that stuff, or even can run your own instead.
Since the first time that I saw this here in HN I've been sharing it with several people around me. This including CS students, CS professors and non-technical people who only asked "how does a computer work?". I only say "just type 'cpu.land' and read that". This is one of the best things that I've found here.
No problem really, I think most people want to bootstrap quickly from the low level into the higher abstractions that they care about, few people want to stay down in the cpu itself.
Meanwhile, companies are taking the "You" out of the CPU so they can control your hardware and by indirection, you.
How?
Secure boot etc. It's in every ARM device, including the management engines in x64 devices (which are ARM devices).
Oh, I see.
Fortunely there is still x86
You would need to go back to ~2005-era Intel x86 CPUs to have x86 without a backdoor baked into the silicon (as far as we know), like Pentium 4. The Core 2 / Q6600 / P35 chipset already had an early version of it. Wikipedia says AMD added their equivalent, the Platform Security Processor, around 2013, so their best CPU from 2012 would be the FX-8350.
I mean technically there's nothing they can do that SMM couldn't - introduced in a revision of the 386. It's code running with system permissions invisible to the "parent" user code and OS.
You're already pretty much trusting the same people then as now, at least if they are "actively malicious".
There is https://en.wikipedia.org/wiki/Intel_Management_Engine
Anyway, it will be maybe a few years until the governments will get the idea of enforcing their own management engines into our hardware :/
> Oh, I see.
No, you don't.
Because of the SMI/ACPI/Intel Management Engine/AMD Secure Technology/UEFI, and optionally AMT-complex, where usually only parts of can be deactivated partially, but never all of it.
It's actually more bad than the above mentioned ARM-stuff, which is misinformed(maybe because of raspberry piish broadcomisms, or locked down dumbphones), because on ARM, you either can disable that stuff, or even can run your own instead.
https://www.trustedfirmware.org/projects/op-tee/
https://github.com/OP-TEE
https://docs.kernel.org/next/tee/op-tee.html
Since the first time that I saw this here in HN I've been sharing it with several people around me. This including CS students, CS professors and non-technical people who only asked "how does a computer work?". I only say "just type 'cpu.land' and read that". This is one of the best things that I've found here.
https://news.ycombinator.com/item?id=46574687
I think this is a good overview for most people, this is probably what they want.
For me personally I was surprised given the name that very little is about cpus and most of the material is in the operating system.
I guess I gotta write one about CPUs now ;)
No problem really, I think most people want to bootstrap quickly from the low level into the higher abstractions that they care about, few people want to stay down in the cpu itself.
> The bottom of every page is padded so readers can maintain a consistent eyeline.
God bless
Great introduction to programming fundamentals as well.
Being able to explain something this simply usually requires a very good understanding of the entire subject.
Very fine site!
Great presentation.
[dead]
[dead]
[dead]
[dead]
[dead]
[dead]
[dead]
[dead]