💾 Archived View for altesq.net › ~evenfire › posts › 2022-07-16.gmi captured on 2023-01-29 at 03:54:02. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
Old computers along with old CPUs, are becoming a better offer by the day, not only because of consumerism and planned obsolescence, but because of security.
From cca. 2008, Intel CPUs have Intel ME built in, with AMD having its counterpart, AMD PSP. Both are management engines, translated from non-corporate speech, that means both are backdoored. Intel PSP can be controlled remotely, several vulnerabilities have been found in it. Luckily, it can be cleaned with ME cleaner, which purges the most dangerous parts from it, although it is a tedious process. AMD PSP cannot be controlled remotely, at least according to what is known, and some motherboards can disable it.
Now yet another backdoor is coming, Microsoft Pluton. Obviously being touted as a "security enclave" that's built into the CPU, it's a bright idea by Microsoft to secure computers, when they haven't even resolved the malware issue on their own operating system. They partnered with Intel and AMD, Pluton being present in all new CPUs. The firmware of Pluton can be updated from Microsoft's operating system, which, at the moment, seems like the same process as updating CPU microcode, although it might be reserved for them only.
Last week, an article on Phoronix reportedly showed that one of the laptops with Pluton cannot boot GNU/Linux, all because of it not being "secure." Seemingly can be disabled, probably the same process as secure boot. Microsoft isn't to be trusted, knowing their anti-competitive practices, can only imagine in what ways Pluton will be abused.
For real security, pre-2008 CPUs are more and more valuable. Without any known backdoors, they're a good deal for security, although they still must have microcode updates to be protected from vulnerabilities like Meltdown and Spectre, and as a bonus, consumerism is rejected, and less pollution on the planet.