For me this is an extreme view. If your security demands are that high I'm sure you will find even nowadays CPUs which are in that level of "trustworthyness" you want. One funny example: You can use a Raspberry Pi which is not affected by Meltdown or Spectre ;) https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulne...
I understand that security is difficult, and that one can never be completely secure.
But is wanting to know what my processor is doing, or wanting it to be free of undocumented, obfuscated, proprietary code that runs at a higher priority than any software, really that extreme a view?
We base so much of human progress on these little wafers of silicon, it shouldn't be extreme to want to know what they do.
>We base so much of human progress on these little wafers of silicon, it shouldn't be extreme to want to know what they do.
Well said. I'll add that security is a threshold, and that computer systems are extremely complex. Every bit of openness -and the verifiability such openness affords- brings us closer to that ideal secure system.
Agreed, but for critical applications it might be appropriate.
> If your security demands are that high I'm sure you will find even nowadays CPUs which are in that level of "trustworthyness" you want. One funny example: You can use a Raspberry Pi which is not affected by Meltdown or Spectre ;)
Having the level of verificability the parent asks for is a lot more than "not affected by Spectre", and the Raspberry Pi is not very open in that regard.
But is wanting to know what my processor is doing, or wanting it to be free of undocumented, obfuscated, proprietary code that runs at a higher priority than any software, really that extreme a view?
We base so much of human progress on these little wafers of silicon, it shouldn't be extreme to want to know what they do.