On Mon, Jan 15, 2024 at 10:46:14AM +0000, Luca Boccassi wrote: > > huh, if there's a bug in the firmware to accidently store the encryption > > key on the drive in plaintext, it doesn't cost anything extra. > Sure, and if there's a bug in your CPU to accidentally reveal all > kernel secrets to any unprivileged userspace process via sidechannels > it doesn't cost anything extra either. Doesn't really mean much though > for this case. it's an unneeded additional attack vector. > We aren't though - and the category includes me too of course. Nobody > is going to spend $100 million dollars to hardware-backdoor my > computer yes, because several dozens are available much cheaper already. -- cheers, Holger ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org ⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C ⠈⠳⣄ The mark of a civilized man is the ability to look at a column of numbers and weep. (Bertrand Russell)
Attachment:
signature.asc
Description: PGP signature