by nickpsecurity 2643 days ago
"completely undocumented and has access to the memory, peripherals, network interface etc. "

They were documented in the sense Intel publicly advertised them for years under AMT and vPro as enterprise features. That's why all the discussions on HN about whether Intel had backdoors or weakened randomness were funny. While people were "countering misinformation" here, Intel was publicly advertising backdoors in their chips to ease the management burden. I mean, I guess you could call them front doors with the publicity.

The sneaky part was how they started including them in all chips without a way to (a) buy chips without them or (b) know for sure you could turn them off. I immediately suspected NSA paying them off given most of this started in Trusted Computing Group activities which included classified sessions with NSA. They were always a stakeholder in that stuff. AMD did it, too.

Our only hope for x86 now is the Chinese company that's sharing AMD's chips. They might make a chip with no U.S. backdoors: only Chinese backdoors. If you're worried about local government but not I.P. theft, then the Chinese backdoors won't be any threat to you. Problem solved if the computers get here with no interdiction. Gotta do shell games.


I am not surprised that their inclusion was sneaky. I recall when Intel attempted to market TPM for the first time. The reaction was swift and very negative. Slashdot was not in favor of 'security' through including security holes and relying upon obscurity of the information on how to exploit the holes being the single point of failure. It was closer to when the government was trying to mandate key escrow and Clipper chips than now and back then they had to walk it back and not release it with a high profile. Back then the most common worry focused on was that this would be used for hardware-based DRM in service of the entertainment industry.

> I recall when Intel attempted to market TPM for the first time. The reaction was swift and very negative.

Are you sure you didn't confuse that with the processor serial number (that Intel actually reversed their decision on)? https://news.ycombinator.com/item?id=10106870

TPM was (unfortunately?) far more positively received, likely because it was marketed as a security instead of DRM feature --- and the same goes for a lot of other antiuser features today... the manufacturers have gotten smart about it.

The TPM got almost universally negative coverage outside of the enterprise IT space because there wasn’t an obvious benefit to anyone else and many concerns that it would prevent alternative operating system installs, lead to unbreakable DRM, etc.

This was unfortunate as it largely evaporated the middle ground who recognized that without some trusted base you also can’t recover from malware or have robust anti-theft measures. I wish the politics had been such that we ended up with a robust open-source implementation before so much shoddy, unreviewed code had shipped so widely.

> "If you're worried about local government but not I.P. theft, then the Chinese backdoors won't be any threat to you."

Not necessarily. It's possible your local government has infiltrated the Chinese agencies that have access to your data. Maybe not likely, but possible. It's also possible the Chinese might choose to sell that data to your government.

It's all about decreasing the odds. US -> China -> CPU is longer than just US -> CPU.

Yes I agree. However the calculus may change for people in smaller countries that are diplomatically closer to China than America (increasing the chance that their government will do business with the Chinese government.)