Matthew Garrett examines
the factors that go into the decision about whether to install a
firmware update or not.
I trust my CPU vendor. I don't trust my CPU vendor because I want
to, I trust my CPU vendor because I have no choice. I don't think
it's likely that my CPU vendor has designed a CPU that identifies
when I'm generating cryptographic keys and biases the RNG output so
my keys are significantly weaker than they look, but it's not
literally impossible. I generate keys on it anyway, because what
choice do I have? At some point I will buy a new laptop because
Electron will no longer fit in 32GB of RAM and I will have to make
the same affirmation of trust, because the alternative is that I
just don't have a computer.
https://lwn.net/Articles/1061048/
--- SBBSecho 3.37-Linux
* Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (86:200/23)