[stefan_]

AMD processors have much the same backdoor-"management" coprocessors. Just about the only processors without this stuff is your own softcore design running on an FPGA.

[femto]

Then you have to worry about any "management" modes on the FPGA.

https://www.cl.cam.ac.uk/~sps32/Silicon_scan_draft.pdf

[jgtrosh]

What's left, RISC-V?

https://en.wikipedia.org/wiki/RISC-V

[pjmlp]

Not really, because most deployments use UEFI alongside them.

https://github.com/riscv-admin/riscv-uefi-edk2-docs

So if it isn't from door A, door B will do.

[zekica]

It is not just for booting. UEFI has Runtime Services that an OS can call.

[yjftsjthsd-h]

How is UEFI like ME/PSP? I thought it was just for booting.

[robotnikman]

Its surprisingly more complex than that. You can run Doom in UEFI

https://github.com/Cacodemon345/uefidoom

[yjftsjthsd-h]

Okay, but that doesn't really bother me; running arbitrary payloads is the point of a bootloader. The only reason I would be worried by UEFI on RISC-V is if the UEFI firmware in question stays running in the background after the OS boots, and isn't properly inspectable. That might be the case - I have some vague notion of UEFI providing post-boot services, and for all that the EDK version is FOSS you could certainly make a closed version - but I'm not seeing any reason to panic just yet.

[smoldesu]

A malicious actor can do a lot of things in UEFI, but they can't decrypt my disk, they can't boot into my OS, and they can't mess with my userland environment. If Johnny Blackhat fancies a game of Doom over TTY on my desktop's UEFI environment, he can be my guest.

[classichasclass]

POWER8 and POWER9 say hi.

[LargoLasskhyfv]

Money says bye.

[_kbh_]

At least for AMD the PSP isn’t externally exposed which means the attack surface is drastically reduced.

[aqfamnzc]

When you say externally exposed, do you mean to the network, or physically exposed, or what?

[_kbh_]

It doesn’t sit on the network (unlike the ME) so an attacker needs to have access to the host already to be able to exploit any vulnerabilities on the PSP.

[rkangel]

This is not about the management engine. Microcode is part of the actual core processor itself, but an updatable layer. One sort off correct mental model might be to think of x64 hardware as being a RISC-ish processor that runs microcode that runs your code.

[yjftsjthsd-h]

What about POWER?

[greggsy]

It’s not a backdoor until it’s proven that it’s used for that propose. Until the it’s just (yet another) potential side channel.

[CoastalCoder]

I don't understand that logic.

It's like saying I haven't been robbed until I discover that my stuff is missing.

[oasisbob]

> It's like saying I haven't been robbed until I discover that my stuff is missing.

Well, robbery is theft under threat of force, so it would be very hard to be robbed and remain unaware of it.

[jsjohnst]

Yep, I assume they just don’t know the difference between robbery and burglary.

[CoastalCoder]

Actually, I do know the difference, but forgot the distinction when writing the comment :)

[atq2119]

That's literally true, though?

To make the analogy work for you, you have to add something about doors being unlocked, or somebody else having the key to your home.

[bee_rider]

I think in the original analogy, the actual robbery is just used as an event which may occur without our knowledge. Your analogy is better, the mapping makes more sense.

Something like: The locksmith has made a copy of your keys without notifying you. They could hypothetically use those keys to enable a robbery, but you won't know definitively either way until you find something stolen. But it is a pretty weird thing for them to do, right?

[na85]

>That's literally true, though?

There's no Schrodinger's Burglar. You've been robbed once I take your wallet, whether you've discovered it or not.