Hacker News new | past | comments | ask | show | jobs | submit login

This adds a whole new dimension to 'Intel Inside'. It says exactly what anyone needs to know.

If it's for enterprise features as 'innocently' suggested that those who do not need or want this feature should be able to put it off simply without drama, debate or discussion.

Its not surprising that both AMD and ARM have it. This is an orchestrated effort signifying the win of paranoia and security over privacy in the western world.

This war is being fought on too many fronts by well resourced and paranoid security agencies with all the tools to influence and the only defense would be individuals and our sense of right and wrong. But it seems individuals have been completely disempowered and reduced to survival mode and are not in a position to stand up for the right thing or even talk about it.

If 'moral' individuals can so easily be quietened in well off economies then one wonders what happens in other economies where basic survival is a day to day fight. Who will fight the privacy war? The silence is deafening. It seems all the activism and racket from media, academics, NGOs and human rights organizations only come into play when a western political or strategic objective needs to be met.

There are many who believe that by working with and supporting security agencies they are somehow in the forefront of a nebulous fight of survival and freedom in a dark world. This 'dark world' is a self created and self serving fantasy and comedy for grown, well adjusted and well read individuals to fall for that push humanity into a negative space.

It can be taken for granted unless conclusively proved otherwise with the burden of evidence swaying the other way that any technology coming out of the USA and Europe is compromised completely and the fight for privacy here has been lost.

This is simply a barrier of resources and technology. Let's consider how software became "free". An idealist, an university and a motivated Finnish student, among many others, were able to create two complete, free operating systems and toolchains, on top of which anybody and everybody in the world could build. Now free software is a resounding reality and even increasingly adopted by large corps who were 100% closed in the past.

The germane question is, can a similar revolution happen for hardware? Can motivated individuals, or small groups of people, reasonably hope to design AND manufacture ALL the hardware for a modern computer? The answer is it's quite beyond the bounds of possibility. The tech is too complex, too closely guarded and manufacturing has HUGE upfront costs.

THAT is why hardware is currently completely dominated by a few big players, which allows them (and any other "agencies") complete control to essentially do as they wish.

We were able to make software creation egalitarian. Unless we can do the same for hardware (from ground-up), we will be ultimately controlled and never be in full control.

You're right that the barrier to open hardware is very high, but I hope that open firmware may at least help mitigate, if not solve, this problem. Buy a machine with ME-like hardware, flash the firmware with something open source and trusted and which disables ME, or returns control to the system owner.

ME operates above typical UEFI firmware. ME updates must be signed by Intel and Intel alone.

Aren't FPGAs a possible solution?

Well at least one incident seems to indicate that FPGAs can also have backdoors engineered into them just as easily: https://www.schneier.com/blog/archives/2012/05/backdoor_foun...

We need the manufacturing process to also be opened up just as much as the chip design, but the latter seems an easier goal, though in itself still difficult thanks to IP and economics.

This cruft doesn't need three letter agencies to exist. Big customers pay for it so it's done. Once it's done, it's easier to leave it there and soft-disable for people who haven't paid for it than to actually build two versions of the chip, with and without this feature.

However, speaking of spooks, I heard rumors that either Intel AMT or BIOS or some drivers (don't remember which exactly) is sold to the Chinese market with castrated crypto. Reportedly it's because the Chinese government requires imported crypto to be just strong enough to resist average guy, but not their supercomputers.

Any links re: Chinese requirements or hardware with nerfed crypto?

Sorry, I only heard it from someone who heard it from someone who heard it from someone who worked on it.

Some googling yielded this, for example:

http://www.networkworld.com/article/2331257/lan-wan/encrypti... (2004)


But this only shows that there are some regulations and licensing required, no details unfortunately.

It'd be interesting to start buying these un-un-cripple-able CPUs for use domestically, for increased security and maximum irony.

Potentially exploitable or backdoored firmware with weak crypto is no better than potentially exploitable or backdoored firmware with strong crypto, unless you are expert enough to know how to exploit it and then fix. And you probably aren't, considering that this stuff is all secret.

And, first of all, I'm not even sure if it was the ME firmware or any firmware at all. Might have been some stupid application you install on Windows.

I wouldn't buy security-critical stuff in China. You can bitch all day long about the US, but the fact is, if something like this San Bernadino phone unlock case happened in China, with Chinese phone from Chinese vendor under Chinese jurisdiction, you probably wouldn't even have heard about it.

> the win of paranoia and security over privacy

The win of paranoia over security and privacy.

Why limit your statement to "the USA and Europe"? Do you imagine the People's Republic of China is some sort of paragon of openness and transparency?

The Original Post's final sentence can be summarized as: "Unless evidence to the contrary appears, the fight for privacy in the USA and Europe has been lost." There never was such a fight in China, so neither victory nor defeat can be evidenced for it.

This is rather melodramatic. People don't care about things like Intel ME because for almost all of them, they don't ever affect their lives in any direct way at all, not because they've been beaten into submission and are in "survival mode."

Its like don't caring there's an idle remote controlled mine under your driveway. You need near perfect trust to consider yourself safe.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact