[blendergeek]

> not accessible and extractable by any sw, google or AMD.

Of course we have to just take AMDs word for that. It would always be possible for AMD to push an update to the PSP that gives them access. I'm not saying that should be in the threat model of an ordinary person, but these machines are still backdoored by AMD.

[ikiris]

You're making a lot of assumptions here.

[blendergeek]

You say I am making "a lot of assumptions".

Lets go through them.

> Of course we have to just take AMDs word for that.

I think this is obviously true. Nobody has ever done a public audit of AMDs 'secure instructions'.

> It would always be possible for AMD to push an update to the PSP that gives them access.

Assumptions here:

1. The PSP has access to the data protected by "secure instructions".

Given that the encryption is handled by the PSP, this is trivially true.

2. AMD can remotely push firmware updates to the PSP.

Assuming that the cloud services provider keeps the firmware up-to-date seems like a safe assumption to me. If they didn't, we would probably call their system insecure.

3. The PSP could be used to exfiltrate data.

Given that the PSP has full access to the machine, including the network system, this is also definitely true.

> I'm not saying that should be in the threat model of an ordinary person,

Simply stating that this paragraph should not be construed to imply that everybody msut leave AMD in masse introduces no new assumptions.

> but these machines are still backdoored by AMD.

This restates previous ideas, while making it sound more ominous. It also introduces no new assumptions.

Do you disagree with any of these assumptions? Or are you simply dismissing my comment by stating that there are "a lot" of assumptions despite the fact that all the assumptions are known to be true.