Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
I totally agree with you, finding exploits is way easier, especially with practically unlimited resources. The whole Me-thing is blown completely out of porpotion, altough of course you do not want an Me, especially not me 11/ any closed source remote admin functions you cant effectively disable nor remove. Also, please do not mention Purism in the same Sentence with legit Opensource Projekts like Qubes ore coreboot.This is very offending for people like the coreboot ore Qubes devs who actually try to make people free and secure, while others in comparison only scam people by making them believe their laptops/handys are opensource and with coreboot. cheers On 05/12/18 16:46, charly LEMMINKÄINEN wrote: > Anyway people, even if he was saying the truth. Then why is he silent > then ? Why doesn’t he have joined purism or coreboot or qubes or > others to neut the ME? > > The difference between reality and what can be real is really thin and > it’s often easier to believe what could be then what really is. > > First you need to indentify the goal and here it is not clear. Do you > know why ? > Because it would mean that Chinese could get access to it with enough > intelligence. Russian could get access to it. And what you are calling > Odin so the NSA or any other entity, don’t want all that because it > would mean that even them are at risk ;) which is clearly not the goal. > You don’t want to implement something that you can not control. > So it’s easier to find an exploit, there are enough of them. Or to > create one within software or OS where you can patch it easily than in > hardware. > > The real threat from all time, is not the intelligence services, it’s > the companies. Anything else doesn’t matter. > > Obtenez Outlook pour iOS <https://aka.ms/o0ukef> > > *From:* qubes-users@googlegroups.com on > behalf of awokd > *Sent:* Saturday, May 12, 2018 4:38:08 PM > *To:* qubes-users > *Subject:* Re: [qubes-users] Intel ME Backdoor, called Odin's Eye > > On Thu, May 10, 2018 12:37 am, dangmad...@gmail.com wrote: > > On Wednesday, January 10, 2018 at 2:02:36 PM UTC-8, awokd wrote: > > >> I don't trust ME either and run me_cleaner but that link is just some > >> unsubstantiated text. If he'd really been working at Intel 15 years he > >> should have been able to get copies of internal documentation at least. > >> A > >> blacked out W-2 form doesn't cut it either. > > > > Do you find that sticking your head in the sand to be a productive form > > of security? > > How does requiring proof instead of an anecdote equate to sticking one's > head in the sand? Do you believe all scientists are sticking their head in > the sand when they do research? > > > I'm sorry that this information upset you so much, but by denying it > > you're only putting others in harms way. > > What gave you the impression I was upset? > > > Maybe you'd like for others to have security vulnerabilities? > > No, that's why I encourage them to use Qubes. I think you must be new > here. Check out some of my other posts. > > > Perhaps you are exposing your agenda too much? > > Re-read the first sentence of what I wrote above, perhaps more slowly this > time, then explain what agenda it is you think I have. > > > > -- > You received this message because you are subscribed to the Google > Groups "qubes-users" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to qubes-users+unsubscr...@googlegroups.com. > To post to this group, send email to qubes-users@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/qubes-users/5cca9a5a8bfd3e53a8a53f1e560dfda1%40elude.in. > For more options, visit https://groups.google.com/d/optout. > -- > You received this message because you are subscribed to the Google > Groups "qubes-users" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to qubes-users+unsubscr...@googlegroups.com > <mailto:qubes-users+unsubscr...@googlegroups.com>. > To post to this group, send email to qubes-users@googlegroups.com > <mailto:qubes-users@googlegroups.com>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/qubes-users/AM5P190MB03374A2B4B81C19532CBE1EAAB9E0%40AM5P190MB0337.EURP190.PROD.OUTLOOK.COM > <https://groups.google.com/d/msgid/qubes-users/AM5P190MB03374A2B4B81C19532CBE1EAAB9E0%40AM5P190MB0337.EURP190.PROD.OUTLOOK.COM?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
Anyway people, even if he was saying the truth. Then why is he silent then ? Why doesn't he have joined purism or coreboot or qubes or others to neut the ME? The difference between reality and what can be real is really thin and it's often easier to believe what could be then what really is. First you need to indentify the goal and here it is not clear. Do you know why ? Because it would mean that Chinese could get access to it with enough intelligence. Russian could get access to it. And what you are calling Odin so the NSA or any other entity, don't want all that because it would mean that even them are at risk ;) which is clearly not the goal. You don't want to implement something that you can not control. So it's easier to find an exploit, there are enough of them. Or to create one within software or OS where you can patch it easily than in hardware. The real threat from all time, is not the intelligence services, it's the companies. Anything else doesn't matter. Obtenez Outlook pour iOS<https://aka.ms/o0ukef> From: qubes-users@googlegroups.com on behalf of awokd Sent: Saturday, May 12, 2018 4:38:08 PM To: qubes-users Subject: Re: [qubes-users] Intel ME Backdoor, called Odin's Eye On Thu, May 10, 2018 12:37 am, dangmad...@gmail.com wrote: > On Wednesday, January 10, 2018 at 2:02:36 PM UTC-8, awokd wrote: >> I don't trust ME either and run me_cleaner but that link is just some >> unsubstantiated text. If he'd really been working at Intel 15 years he >> should have been able to get copies of internal documentation at least. >> A >> blacked out W-2 form doesn't cut it either. > > Do you find that sticking your head in the sand to be a productive form > of security? How does requiring proof instead of an anecdote equate to sticking one's head in the sand? Do you believe all scientists are sticking their head in the sand when they do research? > I'm sorry that this information upset you so much, but by denying it > you're only putting others in harms way. What gave you the impression I was upset? > Maybe you'd like for others to have security vulnerabilities? No, that's why I encourage them to use Qubes. I think you must be new here. Check out some of my other posts. > Perhaps you are exposing your agenda too much? Re-read the first sentence of what I wrote above, perhaps more slowly this time, then explain what agenda it is you think I have. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5cca9a5a8bfd3e53a8a53f1e560dfda1%40elude.in. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/AM5P190MB03374A2B4B81C19532CBE1EAAB9E0%40AM5P190MB0337.EURP190.PROD.OUTLOOK.COM. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
On Thu, May 10, 2018 12:37 am, dangmad...@gmail.com wrote: > On Wednesday, January 10, 2018 at 2:02:36 PM UTC-8, awokd wrote: >> I don't trust ME either and run me_cleaner but that link is just some >> unsubstantiated text. If he'd really been working at Intel 15 years he >> should have been able to get copies of internal documentation at least. >> A >> blacked out W-2 form doesn't cut it either. > > Do you find that sticking your head in the sand to be a productive form > of security? How does requiring proof instead of an anecdote equate to sticking one's head in the sand? Do you believe all scientists are sticking their head in the sand when they do research? > I'm sorry that this information upset you so much, but by denying it > you're only putting others in harms way. What gave you the impression I was upset? > Maybe you'd like for others to have security vulnerabilities? No, that's why I encourage them to use Qubes. I think you must be new here. Check out some of my other posts. > Perhaps you are exposing your agenda too much? Re-read the first sentence of what I wrote above, perhaps more slowly this time, then explain what agenda it is you think I have. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5cca9a5a8bfd3e53a8a53f1e560dfda1%40elude.in. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
On Wednesday, January 10, 2018 at 2:02:36 PM UTC-8, awokd wrote: > On Wed, January 10, 2018 8:35 pm, dangmad...@gmail.com wrote: > > On Sunday, January 7, 2018 at 10:14:26 AM UTC-8, haaber wrote: > > > > That Red Pill is a bitter one, isn't it? > > I don't trust ME either and run me_cleaner but that link is just some > unsubstantiated text. If he'd really been working at Intel 15 years he > should have been able to get copies of internal documentation at least. A > blacked out W-2 form doesn't cut it either. Do you find that sticking your head in the sand to be a productive form of security? I'm sorry that this information upset you so much, but by denying it you're only putting others in harms way. Maybe you'd like for others to have security vulnerabilities? Perhaps you are exposing your agenda too much? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0bd0d196-4a11-4257-9e2f-3acaba7af63f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
On Wed, January 10, 2018 8:35 pm, dangmad...@gmail.com wrote: > On Sunday, January 7, 2018 at 10:14:26 AM UTC-8, haaber wrote: > That Red Pill is a bitter one, isn't it? I don't trust ME either and run me_cleaner but that link is just some unsubstantiated text. If he'd really been working at Intel 15 years he should have been able to get copies of internal documentation at least. A blacked out W-2 form doesn't cut it either. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/17ebf5d641fe86e2d5c9f125d59bbd05.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
On Sunday, January 7, 2018 at 10:14:26 AM UTC-8, haaber wrote: > > https://i.redditmedia.com/5mA7LrMiwgmmhrwfYF8Jks0WEng66fxWoCcGw33dhCA.jpg?w=597&s=339d919645f1de31a42913c748d1d7fb > I personally consider > this troll post. That Red Pill is a bitter one, isn't it? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2120b2aa-34b3-4576-95c7-8d33be43c7d2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
On Mon, January 8, 2018 11:19 pm, Franz wrote: > On Mon, Jan 8, 2018 at 7:41 PM, Vít Šesták < > groups-no-private-mail--contact-me-at--contact.v6ak@v6ak.com> wrote: > >> Not sure about that. Qubes is not just set of tools. It is also a set >> of careful choices of configuration (e.g., strictly using HVMs with >> stubdoms). I might be wrong, but I don't think you can get a comparable >> level of security easily. You would have to take similar choices and >> maybe even to make a new decisions that affect security. You are right. There's a good overview here: https://www.qubes-os.org/news/2017/10/03/core3/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/59a3435cb1d18e8ca983c34a1cd6d788.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
On Mon, Jan 8, 2018 at 7:41 PM, Vít Šesták < groups-no-private-mail--contact-me-at--contact.v6ak@v6ak.com> wrote: > > You could use POWER-KVM and have an assortment of VM's with shared > > folders, you can replicate all the other stuff via various methods and > > have a better security level it simply wouldn't look as slick. > > Not sure about that. Qubes is not just set of tools. It is also a set of > careful choices of configuration (e.g., strictly using HVMs with stubdoms). > I might be wrong, but I don't think you can get a comparable level of > security easily. You would have to take similar choices and maybe even to > make a new decisions that affect security. > > > Qubes isn't virtualization, it is simply a collection of tools that can > > theoretically be compiled for POWER although currently the qubes VMM is > > xen which isn't yet available for POWER (the xen devs are ignoring > > requests to assist with porting efforts). > > It is not just the collection of tools. > > You are right that QubesOS can be probably ported to KVM. Even if this is > a solution (not 100% convinced), it is not there yet. At best, TALOS 2 > might be some solution for future, not something you can buy and use just > now (for those purposes). > > > If T2 is successful (ie: enough people buy it) there are plans for a > > POWER laptop. > > Cool. > > But at the moment, it does not make me sense to buy a workstation I don't > need and hope that some time later, they will release a laptop and someone > else will port QubesOS for it. I could somewhat support efforts of porting > QubesOS to POWER9, it makes me more sense. > > > > * It is quite expensive for needs of most people. > > It fills the very high performance sector that previously had no libre > > hardware, it isn't meant for those like you and me who would be > > satisfied with the performance of one of the various libre firmware > > available boards such as the KGPE-D16, KCMA-D8 ($300 MSRP) etc... > > You are right. It is rather a good special-purpose workstation. > > > No one ever found money or success trying to sell to the average yokel. > > I could argue that selling to average yokel for low price can bring both > success and money, because there are plenty of yokels. > > I understand this is not for masses in the same scale as Windows. This is > not necessary for success. But I am also afraid this is not suitable even > for 1 % of Qubes user base. (Maybe it will be successful elsewhere, but it > does not matter much in this discussion.) > > > That option simply removes the PCI device and the Option ROM menu, it > > doesn't disable PSP - like ME it is integral to the x86-64 boot process > > so it simply can't be disabled. > > OK, good to know. > > > > But it is still matter of trust. Not having PSP/IME does not mean > there cannot be any backdoor. > > On an owner controlled system that has libre hardware, firmware and > > software it is incredibly difficult to add a backdoor function, one > > truly could trust their computer in that case. > > Not 100%. First, you cannot be 100% sure your CPU matches the design. > Second, some backdoors can look like a regular vulnerability. Those are > even worse. Good backdoor can be abused by few people, maybe it requires > digital signature. That's not good, but regular (pseudo-)vulnerabilities > are even worse, because they can be abused by much broader set of people. > > But I agree that having open CPU design can be a good start. > > Very interesting, it may happen that in a couple of years Qubes will be ported to it and I'll have to change my passwords. So it may be better to wait before buying a new laptop. best Fran -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAPzH-qCDO%2BF-BVN12ABFLWiYy4BaDAGO9HqRSAQnnLJiEskjAA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
> You could use POWER-KVM and have an assortment of VM's with shared > folders, you can replicate all the other stuff via various methods and > have a better security level it simply wouldn't look as slick. Not sure about that. Qubes is not just set of tools. It is also a set of careful choices of configuration (e.g., strictly using HVMs with stubdoms). I might be wrong, but I don't think you can get a comparable level of security easily. You would have to take similar choices and maybe even to make a new decisions that affect security. > Qubes isn't virtualization, it is simply a collection of tools that can > theoretically be compiled for POWER although currently the qubes VMM is > xen which isn't yet available for POWER (the xen devs are ignoring > requests to assist with porting efforts). It is not just the collection of tools. You are right that QubesOS can be probably ported to KVM. Even if this is a solution (not 100% convinced), it is not there yet. At best, TALOS 2 might be some solution for future, not something you can buy and use just now (for those purposes). > If T2 is successful (ie: enough people buy it) there are plans for a > POWER laptop. Cool. But at the moment, it does not make me sense to buy a workstation I don't need and hope that some time later, they will release a laptop and someone else will port QubesOS for it. I could somewhat support efforts of porting QubesOS to POWER9, it makes me more sense. > > * It is quite expensive for needs of most people. > It fills the very high performance sector that previously had no libre > hardware, it isn't meant for those like you and me who would be > satisfied with the performance of one of the various libre firmware > available boards such as the KGPE-D16, KCMA-D8 ($300 MSRP) etc... You are right. It is rather a good special-purpose workstation. > No one ever found money or success trying to sell to the average yokel. I could argue that selling to average yokel for low price can bring both success and money, because there are plenty of yokels. I understand this is not for masses in the same scale as Windows. This is not necessary for success. But I am also afraid this is not suitable even for 1 % of Qubes user base. (Maybe it will be successful elsewhere, but it does not matter much in this discussion.) > That option simply removes the PCI device and the Option ROM menu, it > doesn't disable PSP - like ME it is integral to the x86-64 boot process > so it simply can't be disabled. OK, good to know. > > But it is still matter of trust. Not having PSP/IME does not mean there > > cannot be any backdoor. > On an owner controlled system that has libre hardware, firmware and > software it is incredibly difficult to add a backdoor function, one > truly could trust their computer in that case. Not 100%. First, you cannot be 100% sure your CPU matches the design. Second, some backdoors can look like a regular vulnerability. Those are even worse. Good backdoor can be abused by few people, maybe it requires digital signature. That's not good, but regular (pseudo-)vulnerabilities are even worse, because they can be abused by much broader set of people. But I agree that having open CPU design can be a good start. Regards, Vít Šesták 'v6ak' -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/89dc0d5d-6997-4aa5-a107-fe447c15ac02%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
On 01/08/2018 01:36 PM, Vít Šesták wrote: Or you could just buy POWER 9/TALOS 2, have a libre high performance system right now and stop waiting for what will never happen (and would be immediately fixed if it did) Talos 2 looks nice in theory, but: * Qubes OS does not support this architecture. So you are going to have something more resistant to backdoors, but it is also less resistant to classical exploits. If your typical threat is not like NSA, you probably lose security. And even if it is, it is at least not clear win, as NSA could use those classical exploits anyway. You could use POWER-KVM and have an assortment of VM's with shared folders, you can replicate all the other stuff via various methods and have a better security level it simply wouldn't look as slick. Qubes isn't virtualization, it is simply a collection of tools that can theoretically be compiled for POWER although currently the qubes VMM is xen which isn't yet available for POWER (the xen devs are ignoring requests to assist with porting efforts). * Not an option for those who want a laptop. If T2 is successful (ie: enough people buy it) there are plans for a POWER laptop. * It is quite expensive for needs of most people. It fills the very high performance sector that previously had no libre hardware, it isn't meant for those like you and me who would be satisfied with the performance of one of the various libre firmware available boards such as the KGPE-D16, KCMA-D8 ($300 MSRP) etc... The target market segment is someone who already spends just as much on an equivilant performance x86-64 system every few years but who needs and desires better security (ie: they previously have bought one or more of intel's high end CPU's that cost thousands on their own). That's not to say Talos 2 has no merit. It might have some niche, but it is far far from a solution for masses. It isn't intended for the masses, although if it is successful there will eventually be lower cost versions intended and priced for the average linux power-user - already costs have came down drastically since T1. No one ever found money or success trying to sell to the average yokel. If you buy new Intel/AMD CPU's you are supporting future anti-feature development. Maybe this is not that bad for AMD: https://www.phoronix.com/scan.php?page=news_item&px=AMD-PSP-Disable-Option That option simply removes the PCI device and the Option ROM menu, it doesn't disable PSP - like ME it is integral to the x86-64 boot process so it simply can't be disabled. Yet another journalist that doesn't check the facts before publishing. But it is still matter of trust. Not having PSP/IME does not mean there cannot be any backdoor. On an owner controlled system that has libre hardware, firmware and software it is incredibly difficult to add a backdoor function, one truly could trust their computer in that case. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/239b4913-a4d6-ae6a-cb6c-6b38fd420bad%40gmx.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
> Or you could just buy POWER 9/TALOS 2, have a libre high performance > system right now and stop waiting for what will never happen (and would > be immediately fixed if it did) Talos 2 looks nice in theory, but: * Qubes OS does not support this architecture. So you are going to have something more resistant to backdoors, but it is also less resistant to classical exploits. If your typical threat is not like NSA, you probably lose security. And even if it is, it is at least not clear win, as NSA could use those classical exploits anyway. * Not an option for those who want a laptop. * It is quite expensive for needs of most people. That's not to say Talos 2 has no merit. It might have some niche, but it is far far from a solution for masses. > If you buy new Intel/AMD CPU's you are supporting future anti-feature > development. Maybe this is not that bad for AMD: https://www.phoronix.com/scan.php?page=news_item&px=AMD-PSP-Disable-Option But it is still matter of trust. Not having PSP/IME does not mean there cannot be any backdoor. Regards, Vít Šesták 'v6ak' -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/751ae8ce-c183-4d2e-a17d-6637d029221c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
On 01/07/2018 03:27 PM, Ivan Ivanov wrote: Yes, hopefully one day we would see more leaks, that could help us to truly get rid of ME ;) Meanwhile, perhaps the only thing we could do is to stockpile those few computer models that are both coreboot (or libreboot) supported and without Intel ME / AMD PSP Or you could just buy POWER 9/TALOS 2, have a libre high performance system right now and stop waiting for what will never happen (and would be immediately fixed if it did) If you buy new Intel/AMD CPU's you are supporting future anti-feature development. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5136d332-4c56-cb68-9dd7-8ec5760fb192%40gmx.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
> > > perhaps the only thing we could do is to stockpile those > > few computer models that are both coreboot (or libreboot) > > supported and without Intel ME / AMD PSP > > Any hints on which models come into consideration? > === Already existing computers === Supported by coreboot or libreboot and preferably based on AMD cpu: AMD added PSP backdoor later than the Intel added ME backdoor, so the latest AMD without PSP is more powerful than the latest Intel without ME LAPTOP - Lenovo G505S with A10-5750M quad core CPU Also, maybe HP Pavilion M6 1035DX if you have a chance - but it is a rare model, a bit worse than G505S both in hardware and freedom aspects ( for G505S there is a leaked schematics for its' LA-A091P motherboard, which improves the repairability as well as slightly raises its' "freedom" ; haven't heard about M6 1035DX schematics ) And nobody tried it for ages, so for the latest coreboot additional work may be needed WORKSTATION - something AMD based from libreboot list: https://libreboot.org/docs/hardware/ ASUS KCMA-D8 , ASUS KFSN4-DRE , ASUS KGPE-D16 some of these boards could have issues with certain CPUs or memory modules, you need to read the libreboot website and look through the mailing list archives to ensure the best hardware compatibility while building a PC on such a mobo === New modern computers === If we need a powerful modern computer that at least tries to be free-as-in-freedom in software/hardware , and doesn't have Intel ME / AMD PSP , it must be POWER cpu based WORKSTATION - TALOS II - https://raptorcs.com/TALOSII/ very powerful hardware from a great company, available for pre orders LAPTOP - probably this one https://www.powerpc-notebook.org/en/ Currently they are doing a crowdfunding for schematics: https://www.powerpc-notebook.org/campaigns/electrical-schematics-notebook-powerpc-motherboard-donation-campaign/ TALOS II progress is more significant that laptop guys, but at least they are trying Best regards, Ivan Ivanov 2018-01-08 5:54 GMT+03:00 : > > > On 01/08/2018 03:27 AM, Ivan Ivanov wrote: >> >> perhaps the only thing we could do is to stockpile those >> few computer models that are both coreboot (or libreboot) >> supported and without Intel ME / AMD PSP >> > Any hints on which models come into consideration? > > -- > You received this message because you are subscribed to a topic in the > Google Groups "qubes-users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/qubes-users/bqRSuU3T6MA/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > qubes-users+unsubscr...@googlegroups.com. > To post to this group, send email to qubes-users@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/qubes-users/a17865f5-f98a-6638-5787-66b897424e8b%40rbox.co. > > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAAaskFBFXRHw18Q0zRvL-j5UR7249UaZw%2BoSj2Y_Zoz37dK97w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
On 01/08/2018 03:27 AM, Ivan Ivanov wrote: perhaps the only thing we could do is to stockpile those few computer models that are both coreboot (or libreboot) supported and without Intel ME / AMD PSP Any hints on which models come into consideration? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a17865f5-f98a-6638-5787-66b897424e8b%40rbox.co. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
Yes, hopefully one day we would see more leaks, that could help us to truly get rid of ME ;) Meanwhile, perhaps the only thing we could do is to stockpile those few computer models that are both coreboot (or libreboot) supported and without Intel ME / AMD PSP 2018-01-07 20:01 GMT+00:00 haaber : >> воскресенье, 7 января 2018 г., 18:14:26 UTC пользователь haaber написал: https://i.redditmedia.com/5mA7LrMiwgmmhrwfYF8Jks0WEng66fxWoCcGw33dhCA.jpg?w=597&s=339d919645f1de31a42913c748d1d7fb Summary: Intel Whistleblower leaks details about his role in backdooring all IME chips on behalf of Intelligence Agencies. >>> The post is unspecific. Of course ME is a problem: the allegations could >>> be true or could be disinformation. "I know exactly" is an unplausible >>> formulation for a backdooring engineer - it is almost surely a wrong ot >>> statement if it was not himself who spied ... To conclude: unless some >>> details are given to enhance trustworthyness (a specific backdoor, >>> protocol, communication interface, whatsoever), I personally consider >>> this troll post. >> >> Sorry but you haven't seen the full story. This "Intel guy" is legit, he >> provided proofs like this one: >> >> https://i.warosu.org/data/g/img/0595/40/1490327898699.png > Maybe, maybe not. Who can verify scanned and blacked papers? I would > appreciate him helping me to remove it from my mainboard though! How to > do THIS is the right discussion to my pov. > > -- > You received this message because you are subscribed to a topic in the Google > Groups "qubes-users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/qubes-users/bqRSuU3T6MA/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > qubes-users+unsubscr...@googlegroups.com. > To post to this group, send email to qubes-users@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/qubes-users/506eac1a-d270-e5aa-ab72-27088ddd7fea%40web.de. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAAaskFB9FS1esuD2NrYiEyNntb4U%3DCRaN%2BYvND5p1dyst679%3Dw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
*not all the whistleblowers 2018-01-07 20:22 GMT+00:00 Ivan Ivanov : > Yes, sadly not whistleblowers are reasonable, but we need any > whistleblowers - not just the Snowden tier! ;-) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAAaskFABwYJ1%3Dyc4f5BoH0ttA5_vjRMwOENr%2BRF83gR8k%2BvyAw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
Yes, sadly not whistleblowers are reasonable, but we need any whistleblowers - not just the Snowden tier! ;-) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAAaskFD8Env%3D%3DwM80yU%3DV3p2ZitEKEkhvtzT46ABPL-Lvc4SJQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
> воскресенье, 7 января 2018 г., 18:14:26 UTC пользователь haaber написал: >>> https://i.redditmedia.com/5mA7LrMiwgmmhrwfYF8Jks0WEng66fxWoCcGw33dhCA.jpg?w=597&s=339d919645f1de31a42913c748d1d7fb >>> >>> >>> Summary: >>> >>> Intel Whistleblower leaks details about his role in backdooring all IME >>> chips on behalf of Intelligence Agencies. >> The post is unspecific. Of course ME is a problem: the allegations could >> be true or could be disinformation. "I know exactly" is an unplausible >> formulation for a backdooring engineer - it is almost surely a wrong ot >> statement if it was not himself who spied ... To conclude: unless some >> details are given to enhance trustworthyness (a specific backdoor, >> protocol, communication interface, whatsoever), I personally consider >> this troll post. > > Sorry but you haven't seen the full story. This "Intel guy" is legit, he > provided proofs like this one: > > https://i.warosu.org/data/g/img/0595/40/1490327898699.png Maybe, maybe not. Who can verify scanned and blacked papers? I would appreciate him helping me to remove it from my mainboard though! How to do THIS is the right discussion to my pov. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/506eac1a-d270-e5aa-ab72-27088ddd7fea%40web.de. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
On Sun, Jan 7, 2018 at 4:26 PM, qma ster wrote: > воскресенье, 7 января 2018 г., 18:20:37 UTC пользователь tai...@gmx.com > написал: > > On 01/07/2018 02:46 AM, d@gmail.com wrote: > > > > > Summary: > > > > > > Intel Whistleblower leaks details about his role in backdooring all > IME chips on behalf of Intelligence Agencies. Posted 3/22/2017. Codename: > Odin's Eye > > > > > That isn't an "intel whistleblower" that is simply a random dude with > > too much time on his hands making up a bullshit story, besides there is > > no "backdooring" IME as it already is a backdoor. > > > > Intel doesn't need to add a specific backdoor for such a thing nor would > > a TLA ever ask as: > > They already have knowledge of various exploits that do the same thing > > A specific func_backdoor has zero plausible deniability > > Any foreign intel agency could easily obtain proof and tell the media. > > Sorry but you haven't seen the full story. This "Intel guy" is legit, he > provided proofs like this one: > > https://i.warosu.org/data/g/img/0595/40/1490327898699.png > > Hmmm, which is the sense to avoid telling the Intel guy name, but providing enough information for Intel to understand who is writing? If it was real, Intel and intelligence agencies would immediately act and deprive him/her of the freedom to tell or confirm more. The only working way to do that is how Snowden taught, taking full responsibility, providing plenty of evidence, getting media help and moving to a country willing to protect you. It seems > Best regards, > Ivan Ivanov > > -- > You received this message because you are subscribed to the Google Groups > "qubes-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to qubes-users+unsubscr...@googlegroups.com. > To post to this group, send email to qubes-users@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/qubes-users/ac501523-14ca-4938-a074-0fd5a51fc6bc%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAPzH-qBVeKwdy2nhVLu_j1KtAqxzsibiuyGqsK7igPJiXuLXkg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
воскресенье, 7 января 2018 г., 18:14:26 UTC пользователь haaber написал: > > https://i.redditmedia.com/5mA7LrMiwgmmhrwfYF8Jks0WEng66fxWoCcGw33dhCA.jpg?w=597&s=339d919645f1de31a42913c748d1d7fb > > > > > > Summary: > > > > Intel Whistleblower leaks details about his role in backdooring all IME > > chips on behalf of Intelligence Agencies. > The post is unspecific. Of course ME is a problem: the allegations could > be true or could be disinformation. "I know exactly" is an unplausible > formulation for a backdooring engineer - it is almost surely a wrong ot > statement if it was not himself who spied ... To conclude: unless some > details are given to enhance trustworthyness (a specific backdoor, > protocol, communication interface, whatsoever), I personally consider > this troll post. Sorry but you haven't seen the full story. This "Intel guy" is legit, he provided proofs like this one: https://i.warosu.org/data/g/img/0595/40/1490327898699.png Best regards, Ivan Ivanov -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9757603f-5905-4b2d-ba1c-22fba634b8bf%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
воскресенье, 7 января 2018 г., 18:20:37 UTC пользователь tai...@gmx.com написал: > On 01/07/2018 02:46 AM, d@gmail.com wrote: > > > Summary: > > > > Intel Whistleblower leaks details about his role in backdooring all IME > > chips on behalf of Intelligence Agencies. Posted 3/22/2017. Codename: > > Odin's Eye > > > That isn't an "intel whistleblower" that is simply a random dude with > too much time on his hands making up a bullshit story, besides there is > no "backdooring" IME as it already is a backdoor. > > Intel doesn't need to add a specific backdoor for such a thing nor would > a TLA ever ask as: > They already have knowledge of various exploits that do the same thing > A specific func_backdoor has zero plausible deniability > Any foreign intel agency could easily obtain proof and tell the media. Sorry but you haven't seen the full story. This "Intel guy" is legit, he provided proofs like this one: https://i.warosu.org/data/g/img/0595/40/1490327898699.png Best regards, Ivan Ivanov -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ac501523-14ca-4938-a074-0fd5a51fc6bc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
On 01/07/2018 02:46 AM, dangmad...@gmail.com wrote: Summary: Intel Whistleblower leaks details about his role in backdooring all IME chips on behalf of Intelligence Agencies. Posted 3/22/2017. Codename: Odin's Eye That isn't an "intel whistleblower" that is simply a random dude with too much time on his hands making up a bullshit story, besides there is no "backdooring" IME as it already is a backdoor. Intel doesn't need to add a specific backdoor for such a thing nor would a TLA ever ask as: They already have knowledge of various exploits that do the same thing A specific func_backdoor has zero plausible deniability Any foreign intel agency could easily obtain proof and tell the media. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2cc06a17-fbab-a4b5-d24e-ba3b49c09e6d%40gmx.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
> https://i.redditmedia.com/5mA7LrMiwgmmhrwfYF8Jks0WEng66fxWoCcGw33dhCA.jpg?w=597&s=339d919645f1de31a42913c748d1d7fb > > > Summary: > > Intel Whistleblower leaks details about his role in backdooring all IME chips > on behalf of Intelligence Agencies. The post is unspecific. Of course ME is a problem: the allegations could be true or could be disinformation. "I know exactly" is an unplausible formulation for a backdooring engineer - it is almost surely a wrong ot statement if it was not himself who spied ... To conclude: unless some details are given to enhance trustworthyness (a specific backdoor, protocol, communication interface, whatsoever), I personally consider this troll post. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/035a9345-d5a4-89be-b260-14387cd8715d%40web.de. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Intel ME Backdoor, called Odin's Eye
https://i.redditmedia.com/5mA7LrMiwgmmhrwfYF8Jks0WEng66fxWoCcGw33dhCA.jpg?w=597&s=339d919645f1de31a42913c748d1d7fb Summary: Intel Whistleblower leaks details about his role in backdooring all IME chips on behalf of Intelligence Agencies. Posted 3/22/2017. Codename: Odin's Eye -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c18ceec2-bb84-4ec4-97cb-a10e97091d6f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
