Celestial Weasel (celestialweasel) wrote,

Take the ultraviolet pill

The question that springs to my mind is: is there a decent contemporary book about cybersecurity? What are the real threat models these days that one might plausibly defend against? Clearly we have to distinguish between state and non-state actors - with state actors one is probably pretty screwed - and the question arises of what can they really do? Not that I believe they have quantum computers hidden away somewhere - not that you can necessarily do with them what wilder hype / folk-wisdom suggests.

What I was musing about was whether one could make a reasonably secure, whatever that may mean these days, 'PC' - for some value of 'PC'?
I say 'PC' in quotes obviously.
Things like http://www.theregister.co.uk/2015/08/11/memory_hole_roots_intel_processors/ (fun with Ring -2)
and http://www.theregister.co.uk/2015/08/12/lenovo_firmware_nasty/ (weird PC boot up tricks, in conjunction with Windows)
make me think one would rule out Intel processors and the 'PC' architecture.
What about ARM and, say, the Raspberry Pi? Are we put off by the binary GPU blob in the processor?
Which is the most transparent processor? Is there anything one can 'program' oneself into an FPGA? Can one trust the tool chain?
I was struck how few processors there are left - are there any used in any mainstream computers apart from Intel / AMD x86/x64, the dying Itanium, ARM and SPARC?

Obviously, one has to consider the O.S. Somehow I knew long ago that GNU TLS was written by people who didn't really know what they were doing due to Stallmanite butthurt http://www.zdnet.com/article/another-serious-gnutls-bug-exposes-linux-clients-to-server-attacks/ (never have done stuff with that level of code, but it was something I had come across - someone working on one of the BSDs saying it presumably). So, on the whole I think I would prefer a BSD variant. Not that I am an open source bigot / fan, but clearly one would trust Microsoft / Apple / Google as far as one could spit them.

Suppose one wanted to observe the constraint that 'only the CPU is a CPU - no sneaky CPUs in the keyboard / mouse / disk / graphics card' (monitor allowed providing it is 'properly isolated' (whatever that means) (probably) (or maybe a CRT)), is this feasible these days?
Remember, your SD card may have a CPU http://www.bunniestudios.com/blog/?p=3554

Remember weasel's 3 laws of computing:
1. You can't trust computers
2. Everything is a computer
3. Run!!!!!

A bit terse and stream of consciousness but I can see this turning into a 200 page rant (197 of them footnotes) otherwise.
