Hacker News new | past | comments | ask | show | jobs | submit login

> This separate system can't be user-modifiable or field-updateable, because then malicious software could impersonate the user and disable the security chip.

I feel like I'm repeating myself after a decade or two, but this is a situation where the best answer is to a physical switch for read-only mode. (Software isn't always the answer!)

Sure, it might not protect you from a spy who sneaks into your house to physically flip it before installing undetectable deep-backdoors... but that basically never happens when compared to conventional malware and hacks over the internet.

Of course, this assumes the goal of the trusted-chip is indeed to protect the user and the community around their computer at large... as opposed to a deceptive campaign by large companies and copyright-holders to cripple your computer for their own ends.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: