A decade after Snowden exposed NSA’s mass surveillance in cooperation with the British GCHQ, only about 1 percent of the documents have been published, but three major facts can finally be revealed thanks to a doctoral thesis in applied cryptography by Jacob Appelbaum.

  • NaN@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    1 year ago

    Yes, exactly. It has similar concerns to Intel ME (and its fTPM). “I wonder who the fTPM manufacturer is” makes no sense.

    • culpritus [any]@hexbear.net
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      1 year ago

      Then who makes the coprocessor that is inserted into the die?

      Looking into more details of the boot process, it seems like the UEFI manufacturers such as AMI or Phoenix might be the best place to insert a pre-OS boot back door. The PSP (CCP) is just what is used to bootstrap before this step in the process.

      https://www.igorslab.de/en/inside-amd-bios-what-is-really-hidden-behind-agesa-the-psp-platform-security-processor-and-the-numbers-of-combo-pi/

      • barsoap@lemm.ee
        link
        fedilink
        arrow-up
        4
        ·
        edit-2
        1 year ago

        Then who makes the coprocessor that is inserted into the die?

        AMD, obviously, they’re not going to let anyone mess with their lithography masks. With IP bought from ARM, to wit: It’s a Cortex A5, which is a bog-standard block of IP if you need something better than a microcontroller but not really beefy either. Or you could say that TSMC makes them, just as the rest of the silicon.

        (AMD also has an ARM architecture license and thus the right to design its own ARM cores but a) those were designed to be in a completely different performance class (application server) and b) they never made it to market. They’re now probably tinkering on RISC-V in the background in their eternal quest to not have Intel fused to their hip by x86).