this post was submitted on 16 Sep 2024
58 points (96.8% liked)
Privacy
32103 readers
1033 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You can audit IntelME a similar way, it's just more annoying and tedious, it's also been done before by people. Honestly I don't bother much with the IntelME conspiracy theory much anymore (and yes I will call it a conspiracy theory, more on why later), I did used to be extremely interested in it about 2 years ago, I researched the topic heavily. I met people and colleagues who were also interested in it. However I found when I suggested ways to study or prove the claims made about it, like where it's communicating to or how it interacts with the system or even just disassembling the rom I would get weird answers about it knowing when it's being probed and that I wouldn't consider entirely rational when describing a tiny embedded system like this. Then I came across the 34C3 video and basically I realized then and there that this is a conspiracy theory, as there is a whole great study done by these guys and everyone is ignoring it.
Then there's the fact that many of the theories out there seem to resist investigation, and people seem to come up with more elaborate ways of it resisting. Example: I presented the idea of sniffing the Ethernet connection of the computer by cutting the cable in half and probing it with a debugger and they claimed that the chip would listen with the microphone and abort, or that IntelME would skew the data collected when loaded up on another computer.
The end result is that I bought a high end PC from System76 with the capability to disable IntelME largely for nothing, which would be fine if the Laptop wasn't so problematic, like the fact that it gets insanely hot and chews through battery insanely fast (seriously Battery consumption is worse on this laptop than my Steam Deck). Also it chews through power like this even on the iGPU, but it was way worse on the nvidia GPU, like way way worse. I wish I had gotten something AMD based, They're killing it when it comes to performance and efficiency, more than I can say for Toasty old Intel.
It's a tricky situation to navigate.
There is the technical aspect, namely is it actually feasible, but itself wrapped within an economical and political context, as I've highlighted in another thread on this post.
On one hand we learn from Snowden's leaks about an entire surveillance apparatus, we might also have a conceptual understand of limitations via articles like "On trusting trust", plain incompetence and shortcuts for large companies, so all that and more invite us to be very prudent. Those are actual justifications for questioning what hardware, if any, can be trusted.
Yet... one can't go from those justifications to speculate. Yes there might be flaws, intentional or not, in both the design or the production or both of chips. Still, it's not because it's conceptually possible, or even that it happened before, that it does happen today and at scale.
Your System76 is an interesting example and it's a bit like my Banana Pi tinkering, or even more limited (yet exciting IMHO) the Precursor. Namely it's a very costly trade off today to "work" with hardware one can (at least try to) understand better, hopefully itself leading to better privacy and security. In the end most of us believe the trade off for more affordable performances trumps that deeper understanding.