On Mon, 15 Jan 2024 at 12:28, Holger Levsen <hol...@layer-acht.org> wrote: > > On Mon, Jan 15, 2024 at 10:46:14AM +0000, Luca Boccassi wrote: > > > huh, if there's a bug in the firmware to accidently store the encryption > > > key on the drive in plaintext, it doesn't cost anything extra. > > Sure, and if there's a bug in your CPU to accidentally reveal all > > kernel secrets to any unprivileged userspace process via sidechannels > > it doesn't cost anything extra either. Doesn't really mean much though > > for this case. > > it's an unneeded additional attack vector.
That depends on the threat model. It's not for mine, and most others too. > > We aren't though - and the category includes me too of course. Nobody > > is going to spend $100 million dollars to hardware-backdoor my > > computer > > yes, because several dozens are available much cheaper already. [citation needed]
