What about the hardware?

For a long time now, I’ve been actively searching and asking for any companies world-wide that sell secure hardware. What I mean by “secure” is that they have made significant efforts to attempt to remove the remote hardware backdoors found on any Intel or AMD CPU sold in the last “many years”, and that all other components don’t contain any mysterious “binary mystery blobs” or exploitable firmware.

To clarify what I mean by “remote hardware backdoors”:

“It is unlikely that any post-2008 Intel hardware will ever be supported in libreboot, due to severe security and freedom issues; so severe, that the libreboot project recommends avoiding all modern Intel hardware. If you have an Intel based system affected by the problems described below, then you should get rid of it as soon as possible.”
“the Intel Management Engine (ME) is a separate computing environment”
“the ME is present on all Intel desktop, mobile (laptop), and server systems since mid 2006.”
“The ME also has network access with its own MAC address through an Intel Gigabit Ethernet Controller.”
“It can be used remotely even while the PC is powered off”
“the ME has full access to the PC’s RAM.”
“In summary, the Intel Management Engine and its applications are a backdoor with total access to and control over the rest of the PC. The ME is a threat to freedom, security, and privacy, and the libreboot project strongly recommends avoiding it entirely. Since recent versions of it can’t be removed, this means avoiding all recent generations of Intel hardware.”

Source: https://libreboot.org/faq.html#intelme

And the same goes for AMD (basically the other half of all computers made today for consumers):

“It is extremely unlikely that any post-2013 AMD hardware will ever be supported in libreboot, due to severe security and freedom issues; so severe, that the libreboot project recommends avoiding all modern AMD hardware. If you have an AMD based system affected by the problems described below, then you should get rid of it as soon as possible.”

Source: https://libreboot.org/faq.html#amd

In my research, I have found only a handful of companies that even claim to be selling secure hardware, and they generally do this by taking outdated, used Lenovo laptops and modifying them a bit. Thus, you get old, used hardware which may not work for long as the demands increase and as they slowly disappear from the market (no new ones are produced). And, of course, you can never know if they really have successfully removed the backdoors even in those old machines, or if they add their own backdoor (perhaps the whole company is run by some entity looking for security-conscious people to track), or maybe they are real, but the package gets intercepted on the way to your house and backdoors are added back into it… (These are not paranoid fantasies.)

The only other option seems to be to buy one of those highly exotic “Talos II” machines, which are super expensive and run on an exotic CPU architecture made by IBM (POWER9). However, the same as above applies here, and if you need to do anything graphics-related, they are basically crippled as they have no powerful, modern GPU to play with, and adding those later means you introduce the “binary mystery blobs”, if your OS even is supported at all…

And that brings me to another issue: the OS/software. Without trying to start a religious war here, let’s face it: as much as I hate to say it, Windows is still the standard and it would be ridiculous to deny it. You may argue that there’s also Macs, but their hardware and software cannot be trusted for the same reasons (they use standard hardware these days and the OS/software is “big” enough and sold directly to consumers in shiny physical stores), and Linux… well… the less I say about Linux, the better.

Are there any plans by MaidSafe to also sell some sort of secure hardware (including a custom OS/software) to go along with the network? Or are you completely focused on the network itself and software for existing environments? I get the feeling that it’s not going to be possible for SAFE to operate, even when fully finished, if all the “nodes” of the network are already compromised on both the hardware and software levels.

Whenever I bring this up, even among the most hardcore security fanatics, I usually just get a resigned sigh as a reply, as if they are convinced of the hopelessness of the situation. It’s very possible that distributing such secure hardware to “the masses” is literally impossible with the whole system in place that would prevent this from happening even if well-funded, which is a very scary thought to me.

I really cannot buy any new hardware anymore, and what I already have feels (and is) completely compromised. What possible solution could there be to this?

(Predicting the usual “I’ve got nothing to hide” reply, I pre-answer it like this: “Well, then you have nothing against moving into a fully transparent glass house with hidden cameras live-streaming your every move in every room including the bathroom, right?”)

4 Likes

Unfortunately there is no really secure consumer hardware as yet. There is a movement towards creating an open source CPU but that’s probably years away. Then there are companies like Purism that introduce physical switches in their laptops rather than software ones and claim to have bypassed Intel ME - but at a price. And as you mention, who can be sure? OS-wise Linux is probably more secure than Windows, particularly something like Qubes which I’m a fan of, but it’s certainly not for everyone.

It’s really a matter of threat model: if the CIA, FSB or MI5 are after you personally then they have multiple ways of getting what they want and you’d be best off staying offline altogether. But for those of us who aren’t (to our knowledge) specific targets and who are more worried about the effects of dragnet surveillance, SAFE Network even accessed from a client running on compromisable hardware and OSs will make it much harder for the spooks to do their work as with everything end-to-end encrypted they’ll have to attack each endpoint individually. Nothing is 100% secure though.

4 Likes