You are viewing a single comment's thread.

view the rest of the comments →

0
27

[–] olicool10 0 points 27 points (+27|-0) ago  (edited ago)

TL,DR:

  • Advanced isolation and sandboxing technologies (MMU, VT-x, VT-d) are not implemented by most operating systems (in x86).
  • Boot security on x86 is insecure. Existing technologies by Intel bring more problems than solutions.
  • The Intel Management Engine (ME) is so worrisome (and you can't opt out of it), the author considers it as "probably the biggest mistake the PC industry has got itself into".

0
0

[–] unsweetenedsoymilk 0 points 0 points (+0|-0) ago 

So, what about AMD's stuff?

0
2

[–] olicool10 0 points 2 points (+2|-0) ago 

The author wrote that, although she didn't have enough experience with the AMD platform, their stuff had something similar to Intel ME.

Platform Security Processor (PSP) (AMD TATS BIOS Development Group 2013).

The boot security problems are also similar.

2
-1

[–] roznak 2 points -1 points (+1|-2) ago 

Advanced isolation and sandboxing technologies (MMU, VT-x, VT-d) are not implemented by most operating systems (in x86).

Has nothing to do with x86 but by the OS creator.

Boot security on x86 is insecure. Existing technologies by Intel bring more problems than solutions.

And how would you resolve that?

0
3

[–] olicool10 0 points 3 points (+3|-0) ago 

Has nothing to do with x86 but by the OS creator.

Okay then. I didn't specifically say it was x86's fault.

And how would you resolve that?

No idea...