tmsr - Search: from:asciilifeform

44700+ entries in 0.008s

asciilifeform: it exists strictly to slightly increase the headache for reversers, and is not interesting tech from my pov

asciilifeform: swiftgeek: yes, and it's snake oil.

asciilifeform: http://btcbase.org/log/2015-08-12#1236209 << see also thread ☝︎

asciilifeform: hl`: this is a perpetuum mobile.

asciilifeform: this is an eprom. and i've had them in physical possession long enuff to know that they weren't touched by fucking nato. and , on top of this, i can physically photo the crystal without decap.

asciilifeform: let's take an example of trustworthy iron : K573RF4 ( https://eandc.ru/pdf/mikroskhema/k573rf4.pdf ) ☟︎

asciilifeform: speaking of all recent (sub-2uM , really) densities

asciilifeform: this is physically ~impossible with e.g. 60nm

asciilifeform: it, and no other

asciilifeform: if you cannot determine via physical means that the proggy as-published is actually executing on the given device

asciilifeform: 'open' isn't worth a sparrow's fart, per se

asciilifeform: !!up hl`

asciilifeform: which resolves to 1) i wrote the code 2) i know that the die was not built in advance to subvert the functionality of said code

asciilifeform: !!up swiftgeek

asciilifeform: we were discussing 'hardware which you trust to do rsa exponentiation' , neh

asciilifeform: ^ starting point for discussion.

asciilifeform: !#s specificity of diddling

asciilifeform: swiftgeek: go and maskrom-exploit my made-in-zelenograd-in-1985 cpu.

asciilifeform: no matter how you cut it.

asciilifeform: crypto on single-die device of modern (i.e. past 25 yrs ) manufacture, is a losing proposition.

asciilifeform: if i cannot audit the contents of the device, it is impossible to prove the nonexistence of magic key.

asciilifeform: this is the fundamental fallacy that resulted in a market empty of honest iron.

asciilifeform: whole concept of 'tpm' is explicitly counter to owner control. starting from when it was called 'palladium' and pushed by ms.

asciilifeform: hl`: how much do you like google's tpm, which opens in 3 seconds to 'evil maid' with the magic rsa key ?

asciilifeform: my 'root of trust' is iron that i assembled with own hands, out of soviet components, and sealed with glitter polish. fuck fritz tpm.

asciilifeform: http://trilema.com/2014/spy-stuff/ << like this.

asciilifeform: in a barrel.

asciilifeform: you don't resell crypto hardware, you thermite it

asciilifeform: tell me again why i would want 'tpm' if i have an airgapped 1990s machine for all computations on secrets.

asciilifeform: my machine. i read or flip whatever fucking bits i want.

asciilifeform: and i am definitely not interested in iron that protects against ~my~, the owner's, physical attack.

asciilifeform: hl`: i am not interested in buying iron that specifically protects against everybody-but-nsa physical attack.

asciilifeform: we don't pki, and we don't ssl.

asciilifeform: whole concept of 'root of trust' is a crock of shit.

asciilifeform: no magic chips needed.

asciilifeform: over in the civilized world, we http://trilema.com/2013/how-to-airgap-a-practical-guide/ our crypto.

asciilifeform: they're a nsa boobytrap, sold under the fraudulent pretense of 'security'

asciilifeform: hl`: nope.

asciilifeform: how about NO manacles.

asciilifeform: what does it even mean.

asciilifeform: why the FUCK would you want 'open' manacles ?

asciilifeform: if none can be cleansed -- we make from scratch, yes.

asciilifeform: but would like to try cleansing commercial arm64 board, first.

asciilifeform: understand, i can have ice40 boards to fit lappy chassis roll off conveyor in 6mo, if i want.

asciilifeform: ( or maybe not quite fitting, but it's close )

asciilifeform: j2 at least has the virtue of being small, and fitting in ice40 fpga.

asciilifeform: fuck riscv. it was deliberately designed with no arithmetical carry, to cripple cryptography. ☟︎

asciilifeform: and for same reason.

asciilifeform: nvidia is on same shitlist as intel

asciilifeform: it is no start.

asciilifeform: no thx.

asciilifeform: ahahahaha

asciilifeform: other than as fpga softcore -- where ?

asciilifeform: fabrication, is the rub.

asciilifeform: it is not difficult to design a usable cpu, if you don't need bincompatibility with anything

asciilifeform: and pushed under false pretenses

asciilifeform: it was designed by wreckers

asciilifeform: !#s riscv

asciilifeform: i fucking hate riscv

asciilifeform: cr50 however is 'glued with broken glass'

asciilifeform: and render it harmless

asciilifeform: i am not particularly interested in infineon, you can safely desolder it from any box that has it

asciilifeform: so 'it's a tpm' is not anything like whole story.

asciilifeform: swiftgeek: the typical x86 pc 'infineon' etc tpm, cannot do such interesting things as overriding bios write protect, accessing microphone, etc

asciilifeform: ( this was possible because i purchased a unit having cr50.r0.0.10.w0.3.3 fw )

asciilifeform: i've established that cr50 ~will~ accept fw update if ver is incremented and rsa signature is valid. so anybody with google's rsa key and 10 seconds of physical access can insert new fw into cr50.

asciilifeform: ( afaik strictly via the console, but this remains to be determined )

asciilifeform: but i will add, cr50 also hangs from same vreg's enable line and can switch it... back on

asciilifeform: so this part is not so interesting imho.

asciilifeform: i can also 'replace the card' by switching off its power rail via ec and inserting usb nic dongle.

asciilifeform: swiftgeek: understand, i have a quite specific aim in re this machine, outlined in http://btcbase.org/log/2018-06-11#1822866 . i do not particularly care re the irrelevant details, e.g. the shape of the antennae in m2, or the exact diameters of the screw holes, etc. ☝︎

asciilifeform: right

asciilifeform: doesn't give much .

asciilifeform: as printed on bottom of chassis

asciilifeform: swiftgeek: UAY-W8997-M1216

asciilifeform: ( and by the total unavailability, other than as antique, of actual computer )

asciilifeform: swiftgeek: i personally am more annoyed at rubbish masquerading as computer, than by general-purpose rubbish

asciilifeform: hl`: please read the chan logs and make use of the search, before asking q, http://btcbase.org/log/

asciilifeform: swiftgeek: as soon as they roll off the conveyor.

asciilifeform: swiftgeek: as far as i'm concerned , all boxes not yet cured of fritz are 'ewaste'

asciilifeform: what brings you to #trilema, hl` ?

asciilifeform: hl`: hello ?

asciilifeform: !!up hl`

asciilifeform: !!up swiftgeek

asciilifeform: at any rate i encourage folx who think that i dreamed it all, to build the snake ( i posted schem ) and do the exact experiment suggested earlier in http://btcbase.org/log/2018-06-11#1822821 . ☝︎

asciilifeform: fella seemed quite surprised that h1 exists at all

asciilifeform: https://irclog.whitequark.org/linux-rockchip/2018-06-09

asciilifeform: ( their chan's )

asciilifeform: see the june 9 log.

asciilifeform: seems that we have already spoken

asciilifeform: paulk-gagarine ?

asciilifeform: the fella in #rockchip-linux ?

asciilifeform: not to mention that i do not have the 'servo' device, nor see anything to be won from building it ( it gives access to the consoles, which i already have, and spi, which i already have via soldered probes, and that's it. )

asciilifeform: a chinese shop could, for instance, mount the http://www.loper-os.org/pub/c101pa_dbg.jpg ( 'google servo' ) connector, on to the vacant pads. BUT this does not give me anything that i do not already have via the 'suzyq'.

asciilifeform: https://chromium.googlesource.com/chromiumos/platform/ec/+/master/chip/g/ << starting point re console functionality ( locked and unlocked )

asciilifeform: so far my only clue that h1 actually runs the given fw , is that i was able to flash in a vendor update : http://btcbase.org/log/2018-06-08#1821699 and ended up with a slightly different, in the ways suggested by the src, console ☝︎☟︎

asciilifeform: ( if you know of a counter-example, please link )

asciilifeform: but i have no way to verify the truth of what he said, aside from noticing that there is 0 discussion anywhere on the net, aside from #trilema and my www, of the h1.

asciilifeform: according to amstan , the fella claiming to be a designer of c101pa , everything connected with cr50 is deeply trade secret, and shared with no one outside of google.

asciilifeform: everything else, is off-the-shelf