[ninjaoxygen]

What scares the hell out of me, it would be so easy to backdoor an implementation of the open core in a well-hidden way.

Whereas the "big" CPU providers are staking their reputation and therefore future business on providing a non-backdoored CPU, it would be fairly trivial for an individual device manufacturer to provide a backdoored CPU design for their chip design.

It could become the whole cheap-device OEM firmware situation all over again (as we saw with many backdoored routers), but this time the blob is located on-die, so is significantly harder to reverse engineer or audit.

[beagle3]

The main provides already provide a backdoored CPUs - Intel ME and AMD PSP.

There is a a general belief that only some good guys have the keys. I don’t know what it is based on.

[marcodiego]

This is a problem with common thinking these days: " general belief that only some good guys have the keys". I paid for the device, I should get the keys!

[phendrenad2]

If you care about security, you probably don't care about performance. High-performance cores are very complicated and hard to follow. But, if you give up performance, you can design a core that uses very simple concepts, making it hard to hide a backdoor in the design. Things like Chisel, which let you write your design in a higher-level language, help with that too.

[goodpoint]

> it would be so easy to backdoor an implementation of the open core in a well-hidden way

If anything it's way more difficult that doing so on a closed core.

> It could become the whole cheap-device OEM firmware situation

If you think high-end proprietary routers were not backdoored think again.