My rule of thumb is that I don't listen to anyone who can't write exploits for modern software stacks (OS kernels, browsers.) And even then, you can still ignore 50% of those people too, as they are cranks. In contrast, most of the people here in every one of these threads couldn't overflow an integer if you let them write the for loop.
> I wouldn't be surprised to read comments that TPM is used by Bill Gates to give you Covid.
One time on here, someone linked an academic paper describing an HTTP PCIe accelerator. One of the (eight) authors was from Tsinghua, and so naturally someone in the comments started freaking out about how this was a plan by the Chinese Deep State to fund this for mass surveillance. When I asked him how this would work and what threat he expected, he described an elaborate Tom Clancy plotline where these PCIe cards will actually be snooping every key exchange, keeping them in memory, and they would be secretly equipped and manufactured with short wave radio devices that would allow Chinese agents to "exfiltrate private keys" (whatever that means) by posing as janitors and technicians in the datacenter and beaming those radio messages to them.
That was his threat model for "thing you literally plug into your fucking server and put on a shared memory bus."
Now, how this is expected to work when most HTTP accelerators don't do key exchange (and never ever see long term keys), or how these keys would benefit them when presumably many encrypted comms do not go through cables controlled and spliced by the nefarious, evil-loving CCP -- well, that's left as an exercise for you!
> I wouldn't be surprised to read comments that TPM is used by Bill Gates to give you Covid.
One time on here, someone linked an academic paper describing an HTTP PCIe accelerator. One of the (eight) authors was from Tsinghua, and so naturally someone in the comments started freaking out about how this was a plan by the Chinese Deep State to fund this for mass surveillance. When I asked him how this would work and what threat he expected, he described an elaborate Tom Clancy plotline where these PCIe cards will actually be snooping every key exchange, keeping them in memory, and they would be secretly equipped and manufactured with short wave radio devices that would allow Chinese agents to "exfiltrate private keys" (whatever that means) by posing as janitors and technicians in the datacenter and beaming those radio messages to them.
That was his threat model for "thing you literally plug into your fucking server and put on a shared memory bus."
Now, how this is expected to work when most HTTP accelerators don't do key exchange (and never ever see long term keys), or how these keys would benefit them when presumably many encrypted comms do not go through cables controlled and spliced by the nefarious, evil-loving CCP -- well, that's left as an exercise for you!