
No, we do not. We do expect to pressure them to do the right thing, which is one of the following:

- Release ME source code

- Remove ME from consumer products

- Have a provable method of disabling the ME entirely




Even if they released source code, how could we know if it was genuine?


It should compile to the same binary, you just won't be able to sign it, I guess.


To compile to the same bit pattern binary, you'd need the same optimization settings (easy) with the same compiler (harder).

Intel can just give the source, but you can't trust Intel to just give you the same compiler they used, because the compiler might insert a backdoor. You'd need the compiler source, audit it for backdoors, then compile that with a trustworthy compiler. Then use the resulting compiler to compile the ME source.

(Compiler compiler compiler)


Reproducible builds are possible. Something like 94% of Debian now builds reproducibly: https://tests.reproducible-builds.org/debian/stretch/index_s... and there's a post on reproducibility in Arch on the front page right now: https://news.ycombinator.com/item?id=15820356. Signal for Android builds reproducibly, too: https://signal.org/blog/reproducible-android/

Of course that only helps if you trust the toolchain.


Your comment reminds me of Ken Thompson's speech which he gave upon receiving the Turing Award: https://www.win.tue.nl/~aeb/linux/hh/thompson/trust.html

(Reflections on Trusting Trust)


The comparison between a person administering an unsecured computer network and a drunk driver has just made my list of legal IT analogies, alongside BitTorrent being a car that might be used as the getaway vehicle in a robbery.

Thanks, I really enjoyed reading it!


> You'd need the compiler source, audit it for backdoors, then compile that with a trustworthy compiler. Then use the resulting compiler to compile the ME source.

It is possible (though somewhat time-intensive) to audit binaries, too. If there is real demand for this, it should be possible to crowdscale the auditing problem over a large group of OSS enthusiasts.


Auditing binaries wouldn't really do anything as it's their hardware that'd run the binary. So the hardware can be programmed to lie or to still have some backdoor.


Wouldn't that require them to open their compiler too? Compilers can be modified to inject malicious code into specific programs.


As long as the build is reproducible then they don't have to open it up. It would mean however that you'd still need to audit the compiled program to find anything injected in by the compiler.


Reproducible builds
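
The check several comments describe (rebuild from the released source, compare bit for bit, and accept that a local rebuild cannot carry the vendor's signature) can be sketched as follows. This is an added example, not part of the thread; the image layout and the 16-byte signature field at offset 8 are constructed for illustration and are not the real ME firmware format.

```python
import hashlib

# Assumption: constructed layout with a 16-byte signature field at offset 8.
SIG_REGION = (8, 24)

def diff_ranges(a: bytes, b: bytes):
    """Return coalesced [start, end) byte ranges where a and b differ."""
    ranges, start = [], None
    n = min(len(a), len(b))
    for i in range(n):
        if a[i] != b[i]:
            if start is None:
                start = i
        elif start is not None:
            ranges.append((start, i))
            start = None
    if start is not None:
        ranges.append((start, n))
    if len(a) != len(b):
        ranges.append((n, max(len(a), len(b))))  # length mismatch tail
    return ranges

def verify_rebuild(vendor: bytes, rebuilt: bytes, sig_region=SIG_REGION):
    """Compare a vendor-signed image with an unsigned local rebuild.

    Returns (ok, unexplained): ok is True only if every differing byte
    lies inside sig_region; unexplained lists the ranges that do not.
    """
    lo, hi = sig_region
    unexplained = [(s, e) for s, e in diff_ranges(vendor, rebuilt)
                   if s < lo or e > hi]
    return (not unexplained, unexplained)

def digest_without_sig(image: bytes, sig_region=SIG_REGION) -> str:
    """SHA-256 with the signature field zeroed, so builders can compare."""
    lo, hi = sig_region
    masked = image[:lo] + bytes(hi - lo) + image[hi:]
    return hashlib.sha256(masked).hexdigest()

# Constructed sample images (not real firmware).
HEADER, BODY = b"FWIMG\x00\x01\x00", b"\x90" * 32 + b"code-section"
vendor = HEADER + b"\xAA" * 16 + BODY            # signed by the vendor
rebuilt = HEADER + bytes(16) + BODY              # local rebuild, unsigned
tampered = vendor[:40] + b"\xCC" + vendor[41:]   # one body byte changed

if __name__ == "__main__":
    print(verify_rebuild(vendor, rebuilt))
    print(verify_rebuild(vendor, tampered))
```

A match here only shows that the shipped image corresponds to the released source under the toolchain used for the rebuild; it says nothing about that toolchain or the hardware executing the image, which is the point the replies about compilers and hardware raise.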



