Thats how it has always been and always will be. If a threat actor had free access to your device for even just a couple seconds, its compromised rare earth trash.
Exactly.
Silicon is not a rare earth element.
Neither is Aluminium nor plastic nor Lithium (it’s getting rarer alright, but doesn’t fall into the category).
The amount of rare earth elements is really small in these devices.
Explain. The way i understand it, if somebody flashes malware into your firmware or bootloader then that device cant really be guaranteed to ever be safe again.
i know this is not for PCs but GrapheneOS uses the Google Titan chip and this app to solve that problem.
might be a long time before we get similar hardware for PCs. the only thing that’s remotely similar is the Apple T2 for MacBooks but there’s no Linux distro with comparable security to GrapheneOS yet.
Secure boot helps protect against evil maid attacks by checking hardware and OS signatures. If the boot process has been tampered with, the user can be alerted that the secure boot process can no longer properly verify signatures.
While its probably true that you can no longer guarantee that system can be used safely ever again, at least you will be aware that it was tampered with and you can go ahead and send that system to e-waste and get you a new system.
Physical access = electronic waste
Thats how it has always been and always will be. If a threat actor had free access to your device for even just a couple seconds, its compromised rare earth trash.
Nope
Exactly.
Silicon is not a rare earth element.
Neither is Aluminium nor plastic nor Lithium (it’s getting rarer alright, but doesn’t fall into the category).
The amount of rare earth elements is really small in these devices.
Explain. The way i understand it, if somebody flashes malware into your firmware or bootloader then that device cant really be guaranteed to ever be safe again.
i know this is not for PCs but GrapheneOS uses the Google Titan chip and this app to solve that problem.
might be a long time before we get similar hardware for PCs. the only thing that’s remotely similar is the Apple T2 for MacBooks but there’s no Linux distro with comparable security to GrapheneOS yet.
Secure boot helps protect against evil maid attacks by checking hardware and OS signatures. If the boot process has been tampered with, the user can be alerted that the secure boot process can no longer properly verify signatures.
While its probably true that you can no longer guarantee that system can be used safely ever again, at least you will be aware that it was tampered with and you can go ahead and send that system to e-waste and get you a new system.
a raspi, soic8 clip and coreboot
isn’t coreboot strictly for x86?
you use a soic8 clip and the raspi to connect directly to the SPI ROM on some other computer so you can flash coreboot on it without any obstructions