undefined | Better HN

0 pointsAnthonyMouse2y ago0 comments

> Most Linux contributions are made by multi-billions companies like IBM/Redhat.

The source code is published on the internet under the GPL. Anyone who doesn't like any of their contributions can take that one out and keep any of the others. Do you expect the Kali Linux people to include a backdoor?

> To make Linux not lawful, you would have to create your own kernel with your own altered drivers, except you can't modify binaries.

You can in fact modify binaries, it's just more work. For one person, once. Although that's fairly irrelevant because there exists hardware that doesn't require binary-only drivers.

> How would you know that the commercial CPU is not phoning home through the Intel Management Engine?

You install a firewall in front of it to detect or prevent this. Also, because it can be so easily detected and would be a scandal, it's very likely to be public knowledge if any commercial hardware in widespread use actually did this.

0 comments

3 comments · 1 top-level

eimrine2y ago· 2 in thread

Are you sure the hardware you are going to use for firewall purposes is not biased towards letting the traffic from/to Intel ME to be unnoticed? What filters are you going to set?

AnthonyMouseOP2y ago

You can install open source software on a PC from the early 2000s that predates the Intel Management Engine and use it as a firewall.

Then you use default deny and allow only e.g. a VPN connection.

eimrine2y ago

What if your computer is still accessible for Intel ME surveillance because the VPN server is also Intel ME and they would negotiate somehow to keep having your Intel ME instance an ability to phone home? Is in possible to have a VPN provider which guarantees not having any Intel machines on the network?

1 more reply

j / k navigate · click thread line to collapse