[cryptome] Re: Buying a A New Laptop? - coreboot

  • From: coderman <coderman@xxxxxxxxx>
  • To: cryptome@xxxxxxxxxxxxx
  • Date: Mon, 16 Mar 2015 15:29:42 -0700

On 3/16/15, Core TX <coretx@xxxxxxxxx> wrote:
> Loongson CPU's might not be publicly audited, but they are being used by
> the Chinese government for security purposes.
> This means that the 5 eyes network at least has to put a lot of energy into
> hacking it.

this reminds me of advice for Kaspersky over McAfee or Symantec :)

> Whereas American CPU's certainly are owned already.
> Unless you are Chinese or involved with their (geo)politics, this makes
> them a sensible option.

a hard problem, to be sure! in my case, it is more important to buy
with cash in person, rather than ship equipment through CUSTOMS.

these threat models are hardly intuitive or accessible, and my advice
may not make sense for anyone but myself...


P.S. a longer rant i have is about threat models - even if you're an
expert they're complicated. and if the experts have issues defining
threat models appropriately, how can mere mortals "pick a threat
model" ??

if experts can't define them usefully, it seems the only approach is
to pick the hardest one, and solve for that openly. but that's a
moonshot if there ever was one...

Other related posts: