by gray_charger 1160 days ago
PSP is a trusted execution environment not a remote management platform. There is no reason anyone should want to remove this from a privacy perspective. In fact, privacy and security software may be hindered without something like PSP or SGX.
5 comments

Perhaps if you could replace the trust root with your own. But as they are now it's the manufacturer that's in control.
If you don't trust the manufacturer of your CPU, how do you trust any of the software running on that CPU?
Well, you don't have that much choice of CPU manufacturers, if you want a 65W+ performance class CPU, so you do the best you can.

But anyway, there are many manufacturers that were happy to sell widgets without internet-connected software, and compete on the quality and price of those widgets in a fairly honest way. But when it became possible to embed software that can send data to the internet somehow, well various departments just could not resist demanding their engineers do so. Support costs can be massively reduced if you can just see what the stupid user did and remote in with the backdoor key and fix their misconfigured router/vpn/appliance (true story). And your marketing and product-planning teams are just severely hobbled by not having all the telemetry they can dream of, there's just millions wasted on team salaries and marketing spend if they can't get that user data sent to the SAAS marketing/crm tool they want. But when a car didn't have internet-connected computers in it, they just had to do without.

We trust CPU manufacturers to act like reasonable companies. They make some good stuff, that's how they make money. They're not fly-by-night ventures. They can't risk the huge investments in their brand and their business. And they're not malicious spies trying to screw with you via very tricky microcode. But if they can conveniently put some value-add in the hidden support cpu because the marketing or support team really needed it ...

The PSP is in the CPU, not the motherboard chipset, and doesn't have any access to the network. You can't get commands to it bypassing the main CPU.
It's about the continued leverage they have by holding the key after you bought the CPU. They could be forced by secret court to sign backdoored firmware. And of course you can't load your own firmware, only whatever they release and sign. If they're generous they'll release a stripped-down version, sure, but that's still their choice, not yours.
So, uh, don't update the firmware? There's no need for them to backdoor the CPU via the PSP when they could just do it via a microcode update.
Backdoored firmware isn't about updates. It's about rootkit or evil maid attacks that install backdoored firmware that has been signed by the vendor. If you're using your own trust root then a 3rd party can't create a signature, even under duress. Thus there would be less of an incentive to pressure the vendor.

Updates are a separate concern since you'll want them for bugfixes. So they should be reviewable, open source. And then you check the vendor's signature and replace it with your own if you want. At least that's how things should work.
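The owner-controlled trust root described in this comment, as an added illustration that is not part of the thread or of any vendor's actual firmware format: the owner verifies the vendor's signature on an update, re-signs it under the owner's own key, and a device whose only root is the owner's public key refuses anything else (Ed25519 and the Image layout are assumptions chosen for the example).

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Image: constructed firmware blob plus boot signature (hypothetical format).
type Image struct {
	Firmware []byte
	Sig      []byte
}

// sign signs the SHA-256 digest of the firmware with the given key.
func sign(priv ed25519.PrivateKey, fw []byte) []byte {
	d := sha256.Sum256(fw)
	return ed25519.Sign(priv, d[:])
}

// verify checks img.Sig against the given trust root.
func verify(root ed25519.PublicKey, img Image) bool {
	d := sha256.Sum256(img.Firmware)
	return ed25519.Verify(root, d[:], img.Sig)
}

// OwnerReSign: check the vendor's signature on an update, then replace it
// with a signature under the owner's key, the only root the device accepts.
func OwnerReSign(vendorPub ed25519.PublicKey, ownerPriv ed25519.PrivateKey, img Image) (Image, error) {
	if !verify(vendorPub, img) {
		return Image{}, errors.New("vendor signature invalid: refusing to re-sign")
	}
	return Image{Firmware: img.Firmware, Sig: sign(ownerPriv, img.Firmware)}, nil
}

// DeviceBoot models a device whose burned-in root is the owner's public key.
func DeviceBoot(ownerPub ed25519.PublicKey, img Image) bool {
	return verify(ownerPub, img)
}

func main() {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	ownerPub, ownerPriv, _ := ed25519.GenerateKey(rand.Reader)
	fw := []byte("constructed firmware v1") // constructed sample image
	update := Image{Firmware: fw, Sig: sign(vendorPriv, fw)}
	owned, err := OwnerReSign(vendorPub, ownerPriv, update)
	fmt.Println(DeviceBoot(ownerPub, update), err == nil && DeviceBoot(ownerPub, owned))
}
```

The vendor-signed update alone fails the owner-rooted boot check, so a signature the vendor produces under pressure is worthless to an attacker on this device until the owner re-signs it.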

> In fact, privacy and security software may be hindered without something like PSP or SGX.

While this is technically correct, trust and transparency are key aspects - something that PSP is missing.

A trusted execution environment has nothing to do with sniffing network traffic or having access to main memory, IO, or CPU registers.

So why does it do so? Because it's merely a backdoor, not a trusted enclave.

A TEE has nothing to do with any of that. A TEE is a CPU feature that generates a physically separate area of memory that no other process can access to protect sensitive data from even the OS (in case of compromise).
"Trusted by whom" is the problem.

If the end user was in control of the PSP, that'd be great. :)

However that's not the case. :(

If the end user was "in control" of the PSP that'd defeat the purpose. These features are supposed to remain a secure enclave even if the machine is compromised.
Yeah, that's clearly not even fit for purpose by design.

At least from the perspective of end users. :)

Thinking about it a bit more, it also seems to be at odds with how security in the world works.

Is there any case of having equipment be in the hands of end users for unlimited time (and without supervision), where the security doesn't get cracked?

Once a single exploitable bug in the implementation is discovered, the whole thing becomes useless. Perhaps worse than useless, once malware starts to embed itself in the PSP.

So, if I remember correctly AMD PSP started out as a response to Intel ME, whose main selling point at the time was that businesses could remote into a compromised system and wipe malware without the malware being able to fight back. PSP also enables a few other things like encrypted virtualization - being able to lock AWS's staff out of the contents of my VMs' memory. That sort of feature isn't really useful to individual consumers.

SGX is an interesting case since Intel actually axed the feature a year ago. The only thing it did was enable more DRM for 4K Blu-Rays, and Hollywood's response to that feature going away has been to just refuse to let you play 4K Blu-Rays on PCs.

I'm not sure what other feature is involved here that would make sense in this use case. I mean, yes, PSP also can be used to enforce BIOS signing requirements, but the whole point of Coreboot is to be able to have a Free-as-in-freedom BIOS that you can legally and technically modify. If you wanted to do Apple-style secure local signing[0] of the modified BIOS, that'd be cool, but as far as I'm aware that's not on offer. So the PSP is a security deadweight for the kinds of techies that would care about Free BIOS.

Furthermore, there IS a very large customer that has wanted to remove these kinds of secure enclaves from their systems: the US government, specifically the National Security Administration[1]. There's a special configuration option in Intel ME to turn off everything but basic system bring-up. Why would the NSA want to turn off "privacy and security software" on their own machines? Well, again, the whole "wipe a compromised system without the malware being able to resist" thing implies that this isn't merely a security enclave, but a backdoor that could be compromised by a third-party. If you aren't specifically using that remote management stuff, you want the ME to be as brain-dead as possible.

[0] On Apple silicon that is fused for Macs, the bootloader allows booting operating systems that are signed with the Secure Enclave's local key. There is no unsigned boot; instead the Owner account on macOS has to authorize signing a new third-party OS in a special recovery mode in order to install, say, Linux or whatever.

Oh, and Apple doesn't actually give the Secure Enclave the ability to mess with the main application processor. It's more akin to a TPM, where it can withhold encryption keys from the regular OS but it can't actively snoop on it. So they also understand why PSP/ME were bad ideas.

[1] https://www.csoonline.com/article/3220476/researchers-say-no...

> So, if I remember correctly AMD PSP started out as a response to Intel ME, whose main selling point at the time was that businesses could remote into a compromised system and wipe malware without the malware being able to fight back.

Do you have a source for this?

> SGX is an interesting case since Intel actually axed the feature a year ago. The only thing it did was enable more DRM for 4K Blu-Rays, and Hollywood's response to that feature going away has been to just refuse to let you play 4K Blu-Rays on PCs.

Signal used Intel SGX for remote attestation of their servers and is also using it for their upcoming username/password features to generate keys without Signal's knowledge (since it's a private enclave).

> Furthermore, there IS a very large customer that has wanted to remove these kinds of secure enclaves from their systems: the US government, specifically the National Security Administration[1]. There's a special configuration option in Intel ME to turn off everything but basic system bring-up. Why would the NSA want to turn off "privacy and security software" on their own machines? Well, again, the whole "wipe a compromised system without the malware being able to resist" thing implies that this isn't merely a security enclave, but a backdoor that could be compromised by a third-party. If you aren't specifically using that remote management stuff, you want the ME to be as brain-dead as possible.

I need a source saying PSP has remote management capability.

> Oh, and Apple doesn't actually give the Secure Enclave the ability to mess with the main application processor. It's more akin to a TPM, where it can withhold encryption keys from the regular OS but it can't actively snoop on it. So they also understand why PSP/ME were bad ideas.

What does "snoop" mean here? How can PSP "snoop" without remote management capability?