AudioCircle
Community => Non-audio hobbies and interests => The IT Crowd => Topic started by: Folsom on 26 May 2018, 04:14 pm
-
https://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/
-
https://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/
All the more reason to use AMD processors!
-
There is any proof only Intel use it?
-
All the more reason to use AMD processors!
What's the solution? Well, it's not "Switch to AMD chips". Once, AMD chips didn't have this kind of mystery code hidden inside it, but even the latest Ryzen processors are not totally open. They include the AMD platform security process and that's also a mysterious black box.
What Minnich would like to see happen is for Intel to dump its MINIX code and use an open-source Linux-based firmware. This would be much more secure. The current software is only secured by "security by obscurity".
-
Minix! I seem to recall having Tanenbaum's book "way back when"...
It isn't really fresh news that these chips have Minix in them though, as the Wikipedia page had it added last September.
According to Wikipedia, Minix 3 is "a highly reliable and self-healing microkernel OS." Minix is a micro-kernel architecture - "In a monolithic system, a bug in a driver can easily crash the whole kernel. This is far less likely to occur in MINIX 3." Also,
Monolithic operating systems such as Linux and FreeBSD and hybrids like Windows have millions of lines of kernel code. In contrast, MINIX 3 has about 6,000 lines of executable kernel code,[21] which can make problems easier to find in the code
(https://en.wikipedia.org/wiki/MINIX_3#Architecture)
It seems fairly clear why Intel used Minix rather than Linux in that application. The idea that Intel should replace it with Linux seems rather odd. It's not like Linux has never had security bugs.
https://www.theregister.co.uk/2017/11/07/linux_usb_security_bugs/
https://www.cvedetails.com/vulnerability-list/vendor_id-33/product_id-47/cvssscoremin-7/cvssscoremax-7.99/Linux-Linux-Kernel.html
-
John, it's more a question of privacy and autonomy I think. All this microcode stuff not only allows security risks, but really allows privacy invasion potential, coercion of operating systems, etc. I have to agree with that. While it may not be expansive now, they're only going to continue to develop it until it is rather consuming.
My computer is from 2012 and runs faster than all the new computers because I use Linux... The racket of this bullshit about needing to upgrade all the time is out of hand for the average consumer. 2008 you did the same things online as 2018 for the average consumer... I simply don't have much trust in the status-quo gang of computer stuffs.
-
Seems this is a made to order scenario to take control of any PC when its need.