From mboxrd@z Thu Jan 1 00:00:00 1970 From: Bernhard Bitsch To: development@lists.ipfire.org Subject: Re: Matthew Garrett: Producing a trustworthy x86-based Linux appliance Date: Sun, 06 Jun 2021 11:25:16 +0200 Message-ID: <0c68dd36-12aa-0977-d987-8b2c1bfd0ea9@ipfire.org> In-Reply-To: <771B31EE-234B-4176-9C93-AD56F3677501@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============4150646155490803861==" List-Id: --===============4150646155490803861== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi, Michael you are right. Am 03.06.2021 um 14:40 schrieb Michael Tremer: > Hello, >=20 > I have seen this article as well, but I did not take away much from it. >=20 > It says to me: >=20 > * You cannot trust hardware > * You cannot trust firmware >=20 You can't verify hardware and firmware, because you do not get a=20 complete description, which is necessary despite of com=C3=BClexity. > And so any software running on top of that cannot validate itself. We just = have to hope for the best. >=20 Software itself can be verified in most parts, theoretically. But it a=20 matter of complexity whether this can be done in an adequate time. What can't be verified is the implementation, see above. - Bernhard > -Michael >=20 >> On 2 Jun 2021, at 22:25, Peter M=C3=BCller wr= ote: >> >> Hello *, >> >> in case anybody still needs reading matter, https://mjg59.dreamwidth.org/5= 7199.html might >> be worth a lecture - if you trust the (x86) hardware, that is. :-) >> >> Thanks, and best regards, >> Peter M=C3=BCller >=20 --===============4150646155490803861==--