Fact: The Snowden leaks confirmed the long suspicion that governments work to backdoor software and hardware at an insane level. Related fact: Governments also try crazy hard to bust into insecure, vulnerable devices to compromise them.<p>So we have this really annoying catch 22, where people like this author report on real security and tamper protection systems as bad -- yet without them, the device would actually be prone to different actors attempting to own devices remotely.<p>Every security mechanism in place on modern computing hardware can be viewed as being either cryptographically important or encumbered against users. The fact of the matter is that it's extremely hard to build a platform that's resistant to all types of attack without also encumbering real users and real benefits of device ownership.<p>At some point, I just want to throw my hands up and ask why people continue to buy these devices if they dislike them so much. I can understand wanting to tinker and wanting to hack. But voluntarily forking over money just to complain about why that platform isn't an open box amazes me. It's plenty easier to buy a hackable and open by default platform than it is to buy a closed one and try to turn it into an open one.
>To my knowledge, there has been no detailed public discussion of this NSA-imposed atrocity anywhere on the Net,<p>This blog post asserts that it was imposed by the NSA. Where is the evidence for that? The only source seems to be what appears to be speculation by some person on IRC.<p>>20:23 <asciilifeform> from my pov, it's nsa rootkit<p>It's hard to take this post very seriously when there's disinformation like this.
From the article this is part of any modern Chromebook:<p>The Cr50 device is a classic “Fritz chip” — i.e. a hardware “policeman”, built into a computing device [...], so as to specifically and deliberately act against the purchaser’s interests, by subverting the Laws of Sane Computing in these three ways:<p>Prevention of the full control of the machine by its physical owner, typically by inhibiting attempts to install modified firmware. [...]<p>Enablement of one or more types of “NOBUS” back door (Official NSA terminology! “No One But US“, [...]<p>Prevention of a clueful hardware owner’s attempts to “jailbreak” — to disable, remove, or circumvent the Fritz chip itself.
The author’s writing style makes them a little difficult to follow, but the details I can find seem to check out.<p>Does anyone know which Google/ChromeOS features this chip is used for, or what the justification for it is?
Author of linked article speaking (supposing anyone is still reading, thread already marked as spam?)<p>I recommend to actually read Google's <i>published</i> Cr50 sources -- no reason to take my word for it. All of the functionality I described -- and more -- is there, plain as daylight, with comments. Including the backdoor pubkeys.
Off Topic — the author forgot to upgrade their reCaptcha integration.<p>Any calls to Google reCaptcha v1 API will not work after March 31, 2018 [1].<p>[1] <a href="https://developers.google.com/recaptcha/docs/faq#what-happens-to-recaptcha-v1" rel="nofollow">https://developers.google.com/recaptcha/docs/faq#what-happen...</a>