I've thought of a way to disable remote access by Intel ME and AMD PSP.

  • Registration is closed without referral. This is a website about Internet drama.

    We need a 3PL

Yun

kiwifarms.net
Joined
Dec 1, 2021
I just realized that if the router has its own remotely-accessible backdoor, then intelligence agencies and hackers can remotely connect to my router and then connect to CPU backdoors behind the router.

Even if CPU backdoors don't know how to connect to the internet on their own via the router's internal VPN, intelligence agencies can connect to the CPU backdoors via the backdoors on the router.

Thus, it's best to buy only old CPUs and old motherboards that you can flash coreboot or libreboot onto.

I'm going to keep using and buying old CPUs until open-source CPUs appear.

If the router itself doesn't have a hardware backdoor and has coreboot or libreboot and allows internet connection only through its internal VPN, then you can use any computer behind the router safely.
 

AmpleApricots

kiwifarms.net
Joined
Jan 28, 2018
Then don't have dbus on your system. I don't, it's complete bloat anyways. I'd say the only things that have irreplaceable dbus need on a linux system and which are hard to avoid are bluez for bluetooth and gtk3 because of gtk3-atk-bridge. (accessibility features) You can patch atk-bridge out of the source and then you can use gtk3 and software with gtk3 dependency without dbus. Of course if you use a binary distribution you just trust the maintainer to do the right thing......
 

Yun

kiwifarms.net
Joined
Dec 1, 2021
Then don't have dbus on your system.
Until wayland input method becomes useable on gtk, qt, and wayland apps, I have to use fcitx dbus backend.
As long as I remotely open tabs on tor browser via keyboard shortcuts, I also need dbus.

Firejail provides dbus filter and many other functionalities and many profiles.
 
Last edited:

Yun

kiwifarms.net
Joined
Dec 1, 2021

AmpleApricots

kiwifarms.net
Joined
Jan 28, 2018
Until wayland input method becomes useable on gtk, qt, and wayland apps, I have to use fcitx dbus backend.
As long as I remotely open tabs on tor browser via keyboard shortcuts, I also need dbus.

Firejail provides dbus filter and many other functionalities and many profiles.
See that's what I meant with jerking off. Freaking out over potential NSA bugs dug deep into your silicon, yet not willing to give up simple comforts and find alternative solutions to get needlessly complex, likely exploitable software off your system that's much more likely to be abused to do a dragnet kind of spying on you instead of the targeted kind of spying where some spy agency use valuable tech (to keep secret from leaking and not waste on chucklefucks) to access some super hidden opcode in your CPU to find out you looked at japanese drawings of naked ladies that one time. Instead you opt in using equally overtly complicated software with many chances of error by misconfiguration for that nice, warm sense of false security to somehow watch over the other software so that it won't misbehave in vague ways you don't even know it could potentially misbehave in, probably because you don't really know what either of them in principle does. Why do you even care about potential hardware exploits when you already have no idea what the software running on that hardware is doing?

Also the last commercial still widely, cheaply second-hand available AMD APU without PSP is the Kabini line. A fine APU line still good enough for most internet stuff if you block the heavy java crap and ITX boards with a soldered on A4-5000 last time I checked were in the Rasperry Pi price range used. It doesn't really matter anyways with PSP since it's a completely different kind of animal compared to ME. (a CPU facing, internal security kind of animal that doesn't even have a network stack compared to intel's stuff that's expressively and officially designed for remote access, although yes, both have their suite of exploits and dubious advantages for the end user) If you actually wanted to do anything but jerk off, you'd consider different silicon, amongst other things mainly something that doesn't do speculative execution by design because a concerning amount of possible bypass-everything exploits come from that direction. Something that can be directly booted with open or no specialized firmware. You might wanna lay off ordering drugs via that tor browser for a while, you don't notice how ridiculous you're being. I'm usually not on confrontation course on this forum especially not with budding schizos but jfc
 
Last edited:

Yun

kiwifarms.net
Joined
Dec 1, 2021
Freaking out over potential NSA bugs dug deep into your silicon, yet not willing to give up simple comforts and find alternative solutions to get needlessly complex, likely exploitable software off your system that's much more likely to be abused to do a dragnet kind of spying on you instead of the targeted kind of spying where some spy agency use valuable tech (to keep secret from leaking and not waste on chucklefucks) to access some super hidden opcode in your CPU to find out you looked at japanese drawings of naked ladies that one time. Instead you opt in using equally overtly complicated software with many chances of error by misconfiguration for that nice, warm sense of false security to somehow watch over the other software so that it won't misbehave in vague ways you don't even know it could potentially misbehave in, probably because you don't really know what either of them in principle does. Why do you even care about potential hardware exploits when you already have no idea what the software running on that hardware is doing?
Look. Input method is not a nice thing to have for me. I actually "have" to write in non-english languages.
If your native language wasn't english, you would also require input method for communication with your local people.
It's easy to filter dbus with firejail. dbus itself isn't a spyware. I have to assume CPU backdoors already send out information to intelligence agencies where artificial intelligence analyzes my data. Once AIs find something, humans have a look at it.

Do you really think humans are going to check every computer one by one? Artificial intelligence is necessary for dragnet surveillance.

CPU backdoors can leak every password that I have in my password manager while it is open. dbus can't do it.
CPU backdoors can read my keyboard input while dbus can't just do it.

CPU backdoors are already sending our data to intelligence agency AIs. It's not potential NSA backdoor. It is a CPU backdoor shared by all intelligence agencies on earth.
All intelligence agencies work together behind the curtain. They are one organization.

If they weren't backdoors, Intel ME and AMD PSP would be already open-source.
 
Last edited:

byuu

Non-binary they/them
kiwifarms.net
Joined
Aug 17, 2018
Reject modern computing.
Return to Altair 8800.
 

Yun

kiwifarms.net
Joined
Dec 1, 2021
It's possible to get a reasonably fast computer for casual tasks without Intel ME or AMD PSP.
Look at
* https://freundschafter.com/research...-intel-me-iamt-and-amd-psp-secure-technology/
* https://lukesmith.xyz/articles/only-use-old-computers

I think AmpleApricots could be someone from government or intelligence agency who tries to make people look the other way. He's trying very hard to divert attention from CPU backdoors. He was even denying that AMD PSP is a remotely accessible CPU backdoor.

According to https://freundschafter.com/research...security-processor-psp-amd-secure-technology/
AMD PSP has access to memory and resources of the computer system. AMD PSP has its own operating system and has drivers for network interfaces.
And, AMD PSP is closed-source.

I verified that a network interface of a computer with AMD PSP keeps communicating while the computer is off. The lights on the network interface were blinking.
A network interface for a computer without AMD PSP doesn't blink while the computer is off.

AMD PSP is able to communicate over the internet even when the computer is off.

While dbus is an unwanted bloat that I would rather not have, it is not a serious or imminent security/privacy threat because
* it doesn't have enough privilege to escape firejail/AppArmor
* it is just an insecure IPC protocol which can be filtered with firejail/AppArmor. With firejail/AppArmor dbus filtering, spywares can't just access random dbus services.

Also, any large-scale software can be sandboxed with firejail as long as it doesn't need root privilege which firejail has difficulty with sandboxing.

Any software that doesn't have enough privilege to escape firejail is not a serious threat to security and privacy. They would have limited capacity to leak information.

I also pick my softwares carefully. I always choose softwares that don't implement telemetry or allow users to turn off telemetry.
I always prefer softwares that encrypt communication and leak minimal amount of information possible.

With AppArmor, even root privilege can be sandboxed to a degree.

According to AmpleApricot's logic, I shouldn't even run web browsers because they are at least a million times more bloated than dbus or firejail. You cannot avoid trade-offs when you handle security and privacy. I sandbox applications so that any potential spywares are limited in their capacity to leak information. But, CPU backdoor cannot be sandboxed because it has the highest privilege. Thus, I need to eliminate it by using hardwares that don't have it.
 
Last edited:

AmpleApricots

kiwifarms.net
Joined
Jan 28, 2018
CPU backdoors are already sending our data to intelligence agency AIs. It's not potential NSA backdoor. It is a CPU backdoor shared by all intelligence agencies on earth.
All intelligence agencies work together behind the curtain. They are one organization.

I think AmpleApricots could be someone from government or intelligence agency who tries to make people look the other way. He's trying very hard to divert attention from CPU backdoors. He was even denying that AMD PSP is a remotely accessible CPU backdoor.

Seek help.
 

Yun

kiwifarms.net
Joined
Dec 1, 2021
Seek help.
If you are not from government or intelligence agency or hired by them, then you are likely a mainstream coincidence theorist who doesn't want to connect dots.
To you, everything is a random coincidence, and there is no concerted agenda for domination planned by powerful groups.
The fact that governments are working together or at least certain government agencies across all governments are working together is known among people who research global organized crime.

As byuu said, it's something the global ruling structure behind intelligence agencies would make people say.
 

HumanHive

Human Behavior is Exceptional Behavior
kiwifarms.net
Joined
Sep 9, 2019
If you are not from government or intelligence agency or hired by them, then you are likely a mainstream coincidence theorist who doesn't want to connect dots.
To you, everything is a random coincidence, and there is no concerted agenda for domination planned by powerful groups.
:story:
My sides are into the stratosphere.
 

Kosher Dill

Potato Chips
True & Honest Fan
kiwifarms.net
Joined
Feb 3, 2013
I think AmpleApricots could be someone from government or intelligence agency who tries to make people look the other way.
Oh no, one of us has been found out, whatever will happen now?

One of them, I mean. One of them has been found out.
 

419

@FBIMiamiFL please arrest me i cant stop masturbat
True & Honest Fan
kiwifarms.net
Joined
Sep 16, 2018
This thread had so much promise on the first page and then OP had to forget to take his medication.