[Arm-netbook] bunnie about riscv

ronwirring at Safe-mail.net ronwirring at Safe-mail.net
Sun Jun 11 21:38:04 BST 2017 

-------- Original Message --------
From: Neil Jansen <njansen1 at gmail.com>
Apparently from: arm-netbook-bounces at lists.phcomp.co.uk
To: Eco-Conscious Computing <arm-netbook at lists.phcomp.co.uk>
Subject: Re: [Arm-netbook] bunnie about riscv
Date: Sun, 11 Jun 2017 11:07:56 -0400



Thank you for the information.
I have watched a rutkowska video on how complicated
intel's management features are.
Difficult.



> On Sat, Jun 10, 2017 at 11:54 AM, <ronwirring at safe-mail.net> wrote:
> 
> > It was very informative. A lot of the technical matter I did not
> understand.
> 
> This was a GREAT talk.  Thanks for the link.
> 
> > Can you explain:
> > 23.04 The 2 lowermost boxes?
> 
> 1) PDK / Foundries.  The factories in which the chips are made in.  They're
> not open.  They're proprietary and there's a implication of trust.
> 2) Equipment / Raw Materials.  The equipment that makes the chips and the
> raw materials that go into the chips.  All a very cloudy and and murky area
> that is not open, and very proprietary.
> 
>  He's basically saying that those that want *100%* open source hardware
> would require infinite recursion down to the raw components, which is
> impossible.  That's the whole point of the talk.  The 'impedance mismatch'
> thing is a sort of metaphor to describe the unrealistic expectations of
> those idealists that want 100% open source hardware.  He's saying it cannot
> happen today.  And BTW I've met Bunnie on several occasions, he's legit,
> and you can trust what he's saying to be technically correct.  He's the
> real deal.
> 
> > What is a stepper?
> 
> A stepper motor. That is, do you trust the motors that move the machines
> that made the integrated circuits?
> 
> > What is fuse?
> 
> See this link:
> https://electronics.stackexchange.com/questions/1262/what-are-atmel-fuses
> 
> 
> > 25.15 The 4 lowermost boxes?
> 
> * BIOS
> * Firmware
> * Hidden / fused silicon blocks - Blocks of silicon on the chip that aren't
> usually turned on, but are there.  Lots of big vendors are doing this now:
> Intel, AMD, Nvidia, and it's anyone's guess as to what their real purpose
> is.  That leads to conspiracy theories, as Bunnie said.  This is a problem
> because if you put a chip like this into an open source laptop, it begs the
> question of what would happen if something turned on that section and
> started execution code from it?  Nobody will know until (A) documentation
> is leaked from the company or (B) someone reverse engineers it.  Basically
> if you use anything application processor chip made in the last 5-10 years,
> you probably have some hidden / fused silicon blocks doing god knows what.
> * Pre-boot microcode - Microcode (https://en.wikipedia.org/wiki/Microcode)
> that executes BEFORE your computer boots.   This is a big deal, because
> everything that happens after this point can be considered suspect.
> (similar to how a boot virus would spread because it executes first).
> * IP industry practices - Intellectual property used by silicon
> manufacturers that are not open.  What he's saying is, say that you're a
> silicon vendor and you just bought a intellectual property from ARM to make
> an ARM chip.  They're giving you HDL (hardware description language) and
> netlists (a large list of the connections to be made in the die), and guess
> what, they gave them to you encrypted so that their intellectual property
> is safe.  You (the guy that runs a third party chip factory) cannot review
> or inspect the intellectual property that ARM gave you.  The point here is
> that unless you're using an open source (RISC-V, etc) core, then using an
> ARM isn't really 100% open source hardware.
> * Mask trojans & glitches - These are malicious things in the CPU die
> itself, that even if you were looking at the silicon die under a microscope
> and studying it, you'd still completely miss it.  Very nasty but they


Remarkable that you cannot do a verification using a microscope.



> exist.  Hackaday.com has a lot of interesting articles that break these
> sort of things down in layman's terms.  Very interesting.  Basically
> because these exist, there's no way to know that you are really executing
> what you think you are executing unless you built the foundry and
> supervised the chips being made, and analyzed everything that went into the
> manufacture of them.  It's a trust problem.
> 
> These are all highly complex subjects that hardware engineers like Bunnie
> deal with a lot, and other (I'll say idealist) software guys probably have
> never thought of. They're important in that when you realize that they're
> there, you will then understand how silly wanting 100% open hardware really
> is.  It's a huge problem that hardly anybody is trying to fix.
> 
> 
> Recently the 6502 was completely dissected and recreated, so that's one of
> the only fully documented (and I'd say fully trusted) cores out there
> today.  And that was made probably before I was born.  Everything since
> that should be assumed to be compromised and < 100% open.  Oh, and even
> then, the 6502 would have to hook up to OTHER chips like flash, RAM, and
> whatever generates the video and handles the peripherals.  Those have not
> been completely dissected, and could be suspect.  Do you see what Bunnie
> means now?  That's the impedance mismatch.
> 
> 


We should have libre software hdds and ram.



> P.S. my apologies to LKCL and others, I don't have a plain text email
> client.
> _______________________________________________
> arm-netbook mailing list arm-netbook at lists.phcomp.co.uk
> http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
> Send large attachments to arm-netbook at files.phcomp.co.uk

More information about the arm-netbook mailing list