Putting the "You" in CPU (2023)

(cpu.land)

98 points by vinhnx28 days ago

28 comments

amelius23 days ago
Meanwhile, companies are taking the "You" out of the CPU so they can control your hardware and by indirection, you.
- high_na_euv23 days ago
 How?
 - immibis23 days ago
 Secure boot etc. It's in every ARM device, including the management engines in x64 devices (which are ARM devices).
 - high_na_euv23 days ago
 Oh, I see.Fortunely there is still x86
 - LargoLasskhyfv23 days ago
 > Oh, I see.No, you don't.Because of the SMI/ACPI/Intel Management Engine/AMD Secure Technology/UEFI, and optionally AMT-complex, where usually only parts of can be deactivated partially, but never all of it.It's actually more bad than the above mentioned ARM-stuff, which is misinformed(maybe because of raspberry piish broadcomisms, or locked down dumbphones), because on ARM, you either can disable that stuff, or even can run your own instead.<a href="https://www.trustedfirmware.org/projects/op-tee/" rel="nofollow">https://www.trustedfirmware.org/projects/op-tee/</a><a href="https://github.com/OP-TEE" rel="nofollow">https://github.com/OP-TEE</a><a href="https://docs.kernel.org/next/tee/op-tee.html" rel="nofollow">https://docs.kernel.org/next/tee/op-tee.html</a>
 - hnuser12345623 days ago
 You would need to go back to ~2005-era Intel x86 CPUs to have x86 without a backdoor baked into the silicon (as far as we know), like Pentium 4. The Core 2 / Q6600 / P35 chipset already had an early version of it. Wikipedia says AMD added their equivalent, the Platform Security Processor, around 2013, so their best CPU from 2012 would be the FX-8350.
 kimixa23 days ago
 I mean technically there's nothing they can do that SMM couldn't - introduced in a revision of the 386. It's code running with system permissions invisible to the "parent" user code and OS.You're already pretty much trusting the same people then as now, at least if they are "actively malicious".
 - amelius23 days ago
 There is <a href="https://en.wikipedia.org/wiki/Intel_Management_Engine" rel="nofollow">https://en.wikipedia.org/wiki/Intel_Management_Engine</a>Anyway, it will be maybe a few years until the governments will get the idea of enforcing their own management engines into our hardware :/
lucasoshiro23 days ago
Since the first time that I saw this here in HN I've been sharing it with several people around me. This including CS students, CS professors and non-technical people who only asked "how does a computer work?". I only say "just type 'cpu.land' and read that". This is one of the best things that I've found here.
Isamu23 days ago
I think this is a good overview for most people, this is probably what they want.For me personally I was surprised given the name that very little is about cpus and most of the material is in the operating system.
- archmaster23 days ago
 I guess I gotta write one about CPUs now ;)
 - Isamu23 days ago
 No problem really, I think most people want to bootstrap quickly from the low level into the higher abstractions that they care about, few people want to stay down in the cpu itself.
napolux23 days ago
<a href="https://news.ycombinator.com/item?id=46574687">https://news.ycombinator.com/item?id=46574687</a>
CagedCoder23 days ago
> The bottom of every page is padded so readers can maintain a consistent eyeline.God bless
itopaloglu8323 days ago
Great introduction to programming fundamentals as well.Being able to explain something this simply usually requires a very good understanding of the entire subject.
drob51823 days ago
Great presentation.
enricotr23 days ago
Very fine site!
3066795223 days ago
[dead]
3066795223 days ago
[dead]
3066795212 days ago
[dead]
3066795221 days ago
[dead]
3066795221 days ago
[dead]
3066795223 days ago
[dead]
duo12323 days ago
[dead]
3066795221 days ago
[dead]
3066795221 days ago
[dead]
3066795222 days ago
[dead]
3066795221 days ago
[dead]
3066795221 days ago
[dead]
3066795221 days ago
[dead]
3066795221 days ago
[dead]
3066795221 days ago
[dead]
3066795221 days ago
[dead]
3066795223 days ago
[dead]
3066795223 days ago
[dead]
duo12323 days ago
[dead]
3066795221 days ago
[dead]