https://brmlab.cz/user/jenda/intel
One evil HW comparator and we're all screwed :-(
2017-06-11 17:07 GMT+02:00 Neil Jansen njansen1@gmail.com:
On Sat, Jun 10, 2017 at 11:54 AM, ronwirring@safe-mail.net wrote:
It was very informative. A lot of the technical matter I did not
understand.
This was a GREAT talk. Thanks for the link.
Can you explain: 23.04 The 2 lowermost boxes?
- PDK / Foundries. The factories in which the chips are made in. They're
not open. They're proprietary and there's a implication of trust. 2) Equipment / Raw Materials. The equipment that makes the chips and the raw materials that go into the chips. All a very cloudy and and murky area that is not open, and very proprietary.
He's basically saying that those that want *100%* open source hardware would require infinite recursion down to the raw components, which is impossible. That's the whole point of the talk. The 'impedance mismatch' thing is a sort of metaphor to describe the unrealistic expectations of those idealists that want 100% open source hardware. He's saying it cannot happen today. And BTW I've met Bunnie on several occasions, he's legit, and you can trust what he's saying to be technically correct. He's the real deal.
What is a stepper?
A stepper motor. That is, do you trust the motors that move the machines that made the integrated circuits?
What is fuse?
See this link: https://electronics.stackexchange.com/questions/1262/what-are-atmel-fuses
25.15 The 4 lowermost boxes?
- BIOS
- Firmware
- Hidden / fused silicon blocks - Blocks of silicon on the chip that aren't
usually turned on, but are there. Lots of big vendors are doing this now: Intel, AMD, Nvidia, and it's anyone's guess as to what their real purpose is. That leads to conspiracy theories, as Bunnie said. This is a problem because if you put a chip like this into an open source laptop, it begs the question of what would happen if something turned on that section and started execution code from it? Nobody will know until (A) documentation is leaked from the company or (B) someone reverse engineers it. Basically if you use anything application processor chip made in the last 5-10 years, you probably have some hidden / fused silicon blocks doing god knows what.
- Pre-boot microcode - Microcode (https://en.wikipedia.org/wiki/Microcode)
that executes BEFORE your computer boots. This is a big deal, because everything that happens after this point can be considered suspect. (similar to how a boot virus would spread because it executes first).
- IP industry practices - Intellectual property used by silicon
manufacturers that are not open. What he's saying is, say that you're a silicon vendor and you just bought a intellectual property from ARM to make an ARM chip. They're giving you HDL (hardware description language) and netlists (a large list of the connections to be made in the die), and guess what, they gave them to you encrypted so that their intellectual property is safe. You (the guy that runs a third party chip factory) cannot review or inspect the intellectual property that ARM gave you. The point here is that unless you're using an open source (RISC-V, etc) core, then using an ARM isn't really 100% open source hardware.
- Mask trojans & glitches - These are malicious things in the CPU die
itself, that even if you were looking at the silicon die under a microscope and studying it, you'd still completely miss it. Very nasty but they exist. Hackaday.com has a lot of interesting articles that break these sort of things down in layman's terms. Very interesting. Basically because these exist, there's no way to know that you are really executing what you think you are executing unless you built the foundry and supervised the chips being made, and analyzed everything that went into the manufacture of them. It's a trust problem.
These are all highly complex subjects that hardware engineers like Bunnie deal with a lot, and other (I'll say idealist) software guys probably have never thought of. They're important in that when you realize that they're there, you will then understand how silly wanting 100% open hardware really is. It's a huge problem that hardly anybody is trying to fix.
Recently the 6502 was completely dissected and recreated, so that's one of the only fully documented (and I'd say fully trusted) cores out there today. And that was made probably before I was born. Everything since that should be assumed to be compromised and < 100% open. Oh, and even then, the 6502 would have to hook up to OTHER chips like flash, RAM, and whatever generates the video and handles the peripherals. Those have not been completely dissected, and could be suspect. Do you see what Bunnie means now? That's the impedance mismatch.
P.S. my apologies to LKCL and others, I don't have a plain text email client. _______________________________________________ arm-netbook mailing list arm-netbook@lists.phcomp.co.uk http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook Send large attachments to arm-netbook@files.phcomp.co.uk