From: Dan Cross
Date: Thu, 4 Jan 2024 21:35:35 -0500
To: Nevin Liber
CC: coff@tuhs.org
Subject: [COFF] Re: [TUHS] Re: Intel ME, UEFI, User Control was Re: Question about BSD disklabel history
List-Id: Computer Old Farts Forum

On Thu, Jan 4, 2024 at 5:15 PM Nevin Liber wrote:
> [snip]
>> I get wanting to protect users from say bricking the most basic firmware on a board, but if I want to risk that, I should be completely free to do so on a device I've fully paid for.
>
> Now scale it.
> How do you keep bad actors from bricking *my* device, especially if my device is on the internet?

The obvious answer is, "by preventing bad actors from getting access to the means to manipulate your firmware."

> Then scale it to all the security threats besides DoS. You can disagree with the solutions to these threats, but please don't minimize that these are very real threats.

This is a false dichotomy, as one must bear in mind that the _existing_ firmware may already be vulnerable. We saw this with the infamous `strncmp` bug on the Intel ME a few years ago, and we saw it again just the other day with the JPEG parser bug in a number of UEFI installations in the wild. _An_ issue with closed and hidden firmware blobs is that you just don't know; that is, it's not just about abstract notions of freedom but also about transparency.

>> Unfortunately the general public just isn't educated enough (by design, not their own fault) on their rights to really get a big push on a societal scale to change this.
>
> That is a pretty arrogant statement. It is far more likely that, instead of the rest of us not being as educated as you, we just value different things.
>
> Traditional Unix systems have, at best, focused on the developer experience, and have been dwarfed for decades by systems companies focusing on the *user* experience. I'm old enough to remember the decades when Unix was always just a year away from doing better than being a distant third behind Windows and Mac OS on the desktop.
>
> I want devices that are easy to get things done, don't require much futzing, and aren't a nightmare for my life (due to my data that it can access) if I happen to break it, lose it or it gets stolen.

One of the reasons I use a Mac is because macOS _is_ Unix on the desktop.
:-)

> For example: last year when I was hiking in the AZ desert, I got an email about winning a lottery that I had entered for inexpensive show tickets for the next day, and I bought tickets securely with Apple Pay before the deadline expired. All of that was performed confidently and securely with my iPhone (well, I possibly got the email notification on my watch). While it may not be the world you want to participate in or care about, that is the kind of amazing experience that I value, and it seems the kind of experience that lots of people value, as evidenced by the size of the smartphone market compared with the size of the computer market.
>
> The open source world and hackable hardware world don't offer this kind of experience.

Ironically, the systems you mentioned are built on Unix and open source software as a foundation.

>> People just want I push button I get Netflix,
>
> Why wouldn't you?? While Netflix isn't perfect, are you seriously arguing people should want a far worse user experience?
>
>>
>> they'll happily throw all their rights in the garbage over bread and circuses....but that ain't new...
>
> It isn't about happily throwing away "rights" (whatever that means). It's about we aren't willing to pay for it. It's a tradeoff, and those who want everything hackable haven't shown much value to the rest of us, and there are very real concerns about the costs both in terms of security threats and monetary costs.

I get the whole "different strokes for different folks" argument, but I think you may be underestimating the impact that the whole hackable thing has had. The whole industry seems to be over a barrel with the way that things have evolved. In many respects, we have amazing technology that lets us do really cool things (cf your examples above) and that's both valuable and important.
On the other hand, in a lot of ways, it feels like we're just waiting for the other shoe to drop with something going really wrong in a hurry because we've undervalued investment in the foundations for too long. UEFI is a train wreck; ACPI is a train wreck; a lot of binary-only firmware is of dubious (at best) quality and provenance, but the industry writ large doesn't have a better solution to the real problems with these specific technologies. It's a real problem waiting to happen, and it does us as engineers, researchers, computer scientists, etc, no good to minimize that.

- Dan C.