Hacker Newsnew | comments | show | ask | jobs | submitlogin

It is even worse. The attempt to escape into OSS/Linux is a step in the right direction. But as long as we are dependent on mass consumer hardware then there is always a risk of being spied through hardware backdoors. In this case it doesn't matter which software we use. Even encryption is useless. It is NOT enough to avoid Windows 8 because the real problem is modern hardware that uses Trusted Computing chips.

Trusted Computing (TC) is way more dangerous than classical hardware backdoors. I consider TC an evil technology because it not only takes control away from the user but it even allows to inject faked evidence into computers which could make innocent people -- independent journalists, political activists etc. -- suspect to crime.

TC could also be used to delete evidence from computers of journalists who would have no power to keep it. TC allows to control people without letting them even know about it. TC is a huge danger for freedom of speech. It should be banned politcally and boycotted in business. My recommendation: Don't buy consumer hardware but use embedded Linux systems with bare bone technology.

If we want to be truly secure from being spied then we must do a complete restart with new hardware and software from scratch. There is no way around.

I am actually "glad" about the NSA scandal (thank you Snowden) because it woke people up and made them aware of the reality of global surveilliance, and about the huge threats of Trusted Computing. NSA should be controlled by the people of the United States but obviously it has become out of control. This single NSA case has silenced the mouth of the conspiracy mockers once and for all.




> silenced the mouth of the conspiracy mockers once and for all

Before the Snowden leaks, you'd be hard pressed to find a technically-minded person arguing that the NSA doesn't have, at the least, the potential to have their fingers in every pie.

-----


Before the recent leaks, the response was "OK, that's possible in theory buy surely they wouldn't." Now we know if they can, they do.

-----


Thanks for your insight. I completely agree. Can you recommend any tutorials and secure hardware components?

-----


It is the job of the hackers to think about the whole mess, and to develop solutions that actually work and which guarantee freedom of speech to us. Hacking insecure systems is one thing but now they have the opportunity to prove how smart they really are.

Meanwhile you could google around for "Linux embedded systems".

-----


Do you have any more information about the use of Trusted Computing/the Trusted Platform Module to remotely run arbitrary code on a victim's computer? This is news to me.

-----


A mainboard with such a feature just needs a hidden remotely accessible subsystem that is completely protected by TPM and which has access to your system through DMA, to read bytes and to write bytes in whatever system (RAM, Harddisks, SDcards, USB, WLAN, etc).

Consider it a "dual system" mainboard with the usual hardware where you have full control, plus a controlling subsystem where you have no access at all. Everything could be done remotely but you couldn't see any evidence.

-----


I agree that this could be done in principle, and even that it isn't unlikely that people are thinking about doing it. But is there any evidence that such a subsystem has ever been created? Are there any additional technical details surrounding this?

-----


> TC could also be used to delete evidence from computers of journalists who would have no power to keep it.

Since Amazon deleted all those copies of 1984 from everyone's Kindles, I don't keep mine connected to the internet. If you have data, you can keep it. Keep it on your own devices.

-----


I think journalists or other hobbyists/professionals with work they need to protect should start thinking about keeping an air-gapped computer around. I've seen this phrase used recently to describe a computer which has never been connected to the internet, a network or another device. I'm sure it's non-trivial to source a computer that arrives in a trustworthy state, however.

-----


> Since Amazon deleted all those copies of 1984 from everyone's Kindles

What? When? Seriously?

-----


They mistakenly sold books the publishers hadn't licensed, then refunded the customers and removed the books from their Kindles.

-----




Applications are open for YC Summer 2015

Guidelines | FAQ | Support | Lists | Bookmarklet | DMCA | Y Combinator | Apply | Contact

Search: