@avolkov what's your take-away from that talk, and the whole Bloomberg situation?

@rysiek For things as they are, unsecured BMCs and chips with updatable firmware everywhere -- this seems plausible.

I like how the conclusion of the talk is to use audit-able open hardware with TPM modules.

@galaxis @avolkov I even follow him, but for some reason completely failed to connect the dots.

Great talk, @qrs !

@rysiek As for bloomberg article, I find it weird how all the companies i.e. Apple, Amazon, Microsoft and Supermicro, all denied anything that might be wrong with their products.

@avolkov weird in what sense? I would have expected them to deny...

@rysiek I think I expected them to say something like -- this is an interesting idea we are going to investigate and return with the findings, but instead it was outright denial, as if even acknowledging that something might be wrong would threaten their business.

@avolkov well that's because even acknowledging that something might be wrong would indeed threaten their business, I guess.

I keep saying that until one of the companies sues Bloomberg, I will continue to be a bit more inclined to believe the article.

Sign in to participate in the conversation
Mastodon

Generalistic and moderated instance. All opinions are welcome, but hate speeches are prohibited. Users who don't respect rules will be silenced or suspended, depending on the violation severity.