Bitcoin Forum
March 29, 2024, 11:38:16 AM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Tackling the privacy issues in computing with the Blockchain?  (Read 273 times)
Saidasun (OP)
Sr. Member
****
Offline Offline

Activity: 334
Merit: 275


View Profile
December 27, 2019, 10:38:35 PM
Merited by Welsh (20), suchmoon (7), ranochigo (4), 20kevin20 (4), ABCbits (1), hugeblack (1), dkbit98 (1)
 #1

I have come across a advertising campaign of the LibreM computer recently and there looks to be a lot of support. I ignored the advertising campaign for a very long time until giving in after seeing it after every other Reddit post. The advertising that these guys are putting out has been exceptional and they have been the talk of the town for a couple of years on security related subreddits. However I have not seen any discussion here on a Bitcoin forum which I thought would be interested in discussing this "new" technology that has been brought to us.

However after reading about the project I am not convinced. "Purism" who are behind the LibreM computer are a company which develops computer software and hardware which they sell with their bold statements of respecting users privacy unlike other operating systems and hardware. These guys know how to campaign and have had multiple successful advertising campaigns which people are falling for.

I would like to share my input on the company and the statements that they are releasing and why you should not get a computer from Purism. For those that have not seen the computer its a computer which is claimed to have free open source software from top to bottom and at the same time respecting the customers privacy. This sounds good right? Finally someone is developing a product with privacy in mind. However Purism's statements are outright wrong and they are false advertising to their consumers.

First Purism claims that they are using coreboot which is a open source software which is one of the more secure booting softwares available on the market. Coreboot is a project that I support and think its a good project however Purism knows that this is a well respected software within the security and privacy market and claim that they use the software. However this is complete lies and deceitful claims as they are using a proprietary BIOS which requires INTEL addons to function which goes against their claims . This means they are already using one of the companies which are known to have a monopoly on the hardware industry of computers and are already falling into the hands of a massive honeypot. 

Intel ME is an example of the lack of privacy that Intel includes in all of its CPU's. Intel ME stands for  Intel’s Management Engine and is a threat to everyones privacy that uses their hardware. Intel's ME cannot be verified or read because it is an encrypted file on a hardware level that you can't access. This allows Intel ME to execute code on your machine that you can't verify.

A computer which is using INTEL software as a base should be discredited for being security and privacy concious completely. The only thing they have achieved is charging overpriced features for things which are gimmicky and provide no real security or privacy protection because the software could be compromised at its very core.

They do however provide a OS system which is open source called OpenOS however upon inspection this does not look to have the features of a Ubuntu system like Ubuntu or Debian. Its a more limited approach and does not provide any more security or privacy than either of these options. Whonix being the better option for privacy and its main competitor. In my opinion OpenOS does not have anything on Whonix and if you are at all concerned about privacy then you should be using Whonix.

If you look at the specs of the Librem15 they provide some very good hardware under the hood. Intel i7 processors, upto 32GB DDR4 ram, Intel HD Graphics 620, and a optional killswitch for a extra fee. I have already critised their approach of using INTEL so I shall move onto the killswitch which they offer for a optional amount added onto the core cost. Giving the idea that to get privacy you need to pay extra where as a computer which slogan is all about privacy then should the killswitch come with the base computer? They have another feature called the "Purism key" which I'm highly skepitical of. By their definition its a key that you can insert into the computer and instantly search your computer and applications. This sounds like a security flaw in itself. By their definition any attacker can access your computer via inserting this key into the computer.

My concerns with this is they are offering high end computers branding them as privacy based computers while still using some of the hardware which are known to execute unverifiable code on a machine level.

Are we ever going to have a company that provides 100% verifable hardware and code on a machine level? Is this something we can use in combination with the Blockchain? What are your thoughts?
1711712296
Hero Member
*
Offline Offline

Posts: 1711712296

View Profile Personal Message (Offline)

Ignore
1711712296
Reply with quote  #2

1711712296
Report to moderator
1711712296
Hero Member
*
Offline Offline

Posts: 1711712296

View Profile Personal Message (Offline)

Ignore
1711712296
Reply with quote  #2

1711712296
Report to moderator
1711712296
Hero Member
*
Offline Offline

Posts: 1711712296

View Profile Personal Message (Offline)

Ignore
1711712296
Reply with quote  #2

1711712296
Report to moderator
Even if you use Bitcoin through Tor, the way transactions are handled by the network makes anonymity difficult to achieve. Do not expect your transactions to be anonymous unless you really know what you're doing.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
1711712296
Hero Member
*
Offline Offline

Posts: 1711712296

View Profile Personal Message (Offline)

Ignore
1711712296
Reply with quote  #2

1711712296
Report to moderator
joniboini
Legendary
*
Offline Offline

Activity: 2142
Merit: 1785



View Profile WWW
December 28, 2019, 02:39:26 AM
 #2

Putting your story aside (which is probably more suitable on a security/privacy forum in general), don't we have Linux already?

A 'company' will never provide 'open source' imo. Unless they're too rich and want to use their time to play around with popular jargon.

███████████████████████████
███████▄████████████▄██████
████████▄████████▄████████
███▀█████▀▄███▄▀█████▀███
█████▀█▀▄██▀▀▀██▄▀█▀█████
███████▄███████████▄███████
███████████████████████████
███████▀███████████▀███████
████▄██▄▀██▄▄▄██▀▄██▄████
████▄████▄▀███▀▄████▄████
██▄███▀▀█▀██████▀█▀███▄███
██▀█▀████████████████▀█▀███
███████████████████████████
.
.Duelbits.
..........UNLEASH..........
THE ULTIMATE
GAMING EXPERIENCE
DUELBITS
FANTASY
SPORTS
████▄▄█████▄▄
░▄████
███████████▄
▐███
███████████████▄
███
████████████████
███
████████████████▌
███
██████████████████
████████████████▀▀▀
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
.
▬▬
VS
▬▬
████▄▄▄█████▄▄▄
░▄████████████████▄
▐██████████████████▄
████████████████████
████████████████████▌
█████████████████████
███████████████████
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀
/// PLAY FOR  FREE  ///
WIN FOR REAL
..PLAY NOW..
Saidasun (OP)
Sr. Member
****
Offline Offline

Activity: 334
Merit: 275


View Profile
July 14, 2021, 03:18:30 PM
 #3

Putting your story aside (which is probably more suitable on a security/privacy forum in general), don't we have Linux already?

A 'company' will never provide 'open source' imo. Unless they're too rich and want to use their time to play around with popular jargon.
We do have Linux and Linux is open source and secure but that was not my original point in this wall of text. I was talking about a company that advertises that they are a privacy based company and their laptops are secure yet they cannot with good conscious state that they are a privacy based company while still using hardware which is included in every other computer on the market. The operating system is not a problem because you can stick Linux on almost every machine on the market today the issue is that these computers suffer the same issues as the Purism computers and that is they use manufacturers such as INTEL and other companies which operate on a closed source basis so even if you did develop a completely open source operating system and put all the bells and whistles on a laptop the hardware in the laptop is still not better than any other alternative out there.

My point was they are knowingly posting nonsense that they focus on security and privacy and they are the best out there when they are not any better than a computer that has Linux on it and has hardware switches. But the main focus of creating this thread was to try and get some discussion on whether the Blockchain and cryptocurrency could help a start up create a computer that has open source hardware and open source software.
NotFuzzyWarm
Legendary
*
Offline Offline

Activity: 3584
Merit: 2482


Evil beware: We have waffles!


View Profile
July 14, 2021, 04:52:24 PM
Last edit: July 14, 2021, 05:08:40 PM by NotFuzzyWarm
Merited by Saidasun (2)
 #4

Since you are so against Intel's ME, just use a PC based on the ARM or AMD or other non-Intel CPU's... Problem sort of solved.

Only catch is that the CPU's require compilers to translate the OS code into the CPU-specific microcode which is doing the actual data manipulations in a CPU. Those compilers are based on code libraries that come from the CPU makers. So... in many ways there is still proprietary closed-source code being ran.

That said, yes there *are* "Open Source" CPU architectures out there. A quick article about is here. Also just do a search for "open source CPU" to find a lot more about it.

- For bitcoin to succeed the community must police itself -    My info useful? Donations welcome! 1FuzzyWc2J8TMqeUQZ8yjE43Rwr7K3cxs9
 -Sole remaining active developer of cgminer, Kano's repo is here
-Support Sidehacks miner development. Donations to:   1BURGERAXHH6Yi6LRybRJK7ybEm5m5HwTr
20kevin20
Legendary
*
Offline Offline

Activity: 1134
Merit: 1597


View Profile
July 14, 2021, 05:00:25 PM
 #5

Are we ever going to have a company that provides 100% verifable hardware and code on a machine level? Is this something we can use in combination with the Blockchain? What are your thoughts?
No. Any such company would get absolutely destroyed by governments, corporations and so on. The only project like this that might succeed would be only possible to exist once we have enough components and open-source firmware/software to create them ourselves, something like Trezor, but we're still a little far away from that point. Governments are looking forward to enforcing backdoors in everything and we're wondering about fully FOSS hardware? Hell no, unless you create it in your own garage or some random guy from BitcoinTalk builds such things from scratch and sells them to us.

Not sure if we can do something about this situation in combination with Blockchain. But I have zero hopes for a REAL privacy-focused device.
NotFuzzyWarm
Legendary
*
Offline Offline

Activity: 3584
Merit: 2482


Evil beware: We have waffles!


View Profile
July 14, 2021, 05:17:40 PM
Last edit: July 16, 2021, 10:40:15 PM by NotFuzzyWarm
 #6

...
Are we ever going to have a company that provides 100% verifiable hardware and code on a machine level?
100% verifiable code yes. It's already available. Hardware is another story because there are VERY few Foundries in the world that are capable of making decent speed CPU's and at least one of them will be making the actual chips (and support chips).

That means the Foundries must be trusted to not fiddle with the chip designs and put in backdoors at the request of governments. So far, that is NOT an issue with Intel (edit: being a separate stand-alone bit of logic on the same dies as the CPU, ME *can/is* one but can also be disabled), TSMC, Samsung and Global. btw: that is the whole point about the US and EU blocking/restricting Huawei and other China-owned makers of network and other communications gear being sold/used in their jurisdictions - the chips and gear are pretty much wholly produced in China so major concerns about backdoors there.

edit: found that Intel's ME *can* be disabled. More explicit description courtesy of bleeping computer is here.

- For bitcoin to succeed the community must police itself -    My info useful? Donations welcome! 1FuzzyWc2J8TMqeUQZ8yjE43Rwr7K3cxs9
 -Sole remaining active developer of cgminer, Kano's repo is here
-Support Sidehacks miner development. Donations to:   1BURGERAXHH6Yi6LRybRJK7ybEm5m5HwTr
Saidasun (OP)
Sr. Member
****
Offline Offline

Activity: 334
Merit: 275


View Profile
July 17, 2021, 05:45:25 PM
 #7

Since you are so against Intel's ME, just use a PC based on the ARM or AMD or other non-Intel CPU's... Problem sort of solved.

Only catch is that the CPU's require compilers to translate the OS code into the CPU-specific microcode which is doing the actual data manipulations in a CPU. Those compilers are based on code libraries that come from the CPU makers. So... in many ways there is still proprietary closed-source code being ran.
Its not that I am against a particular vendor like Intel this would apply to any closed source machine hardware including AMD.

That said, yes there *are* "Open Source" CPU architectures out there. A quick article about is here. Also just do a search for "open source CPU" to find a lot more about it.
Thanks for the article link I have taken a look at the available options and something that is evident is that a lot of the ones included are older technologies and are no where near as performance efficient as the Intel or AMD chips that you can get. ARM while great is really limited and a lot of programs will not run on ARM. I like Raspberry Pi's but they have too many limits for programs that are able to run on them.
20kevin20
Legendary
*
Offline Offline

Activity: 1134
Merit: 1597


View Profile
July 17, 2021, 08:17:40 PM
 #8

Samsung and Global. btw: that is the whole point about the US and EU blocking/restricting Huawei and other China-owned makers of network and other communications gear being sold/used in their jurisdictions - the chips and gear are pretty much wholly produced in China so major concerns about backdoors there.
That's funny, lol. a government who puts backdoors and Big Brother-kind of surveillance everywhere protecting us from backdoors. Sounds more like a war over surveillance & control rather than a "protection". Backdoors currently exist in most of the devices and/or hardware components we purchase today. Best thing the gov can do is just try to block the Chinese backdoors from spreading like wildfire because they'd then lose the surveillance coverage. Other than that, fuck them.. they're all in for control themselves!
Saidasun (OP)
Sr. Member
****
Offline Offline

Activity: 334
Merit: 275


View Profile
July 18, 2021, 09:12:44 AM
 #9

That's funny, lol. a government who puts backdoors and Big Brother-kind of surveillance everywhere protecting us from backdoors. Sounds more like a war over surveillance & control rather than a "protection". Backdoors currently exist in most of the devices and/or hardware components we purchase today. Best thing the gov can do is just try to block the Chinese backdoors from spreading like wildfire because they'd then lose the surveillance coverage. Other than that, fuck them.. they're all in for control themselves!
This is really common with mobile phones if you look at the cheaper chinese branded mobile phones and you check the incoming and outgoing traffic you will see that there is a load of traffic from advertisements which I consider malware as I did not agree to have them on my phone. I have had a couple of Chinese phones and some of them even had pop up adverts in chinese right from a factory phone. If you just Google about this it will bring up a load of different results. China is fucked up and they get away with it despite regulation from the USA. The USA have only banned certain big brands but its the smaller ones spreading like wild fire.
20kevin20
Legendary
*
Offline Offline

Activity: 1134
Merit: 1597


View Profile
July 18, 2021, 06:14:24 PM
 #10

This is really common with mobile phones if you look at the cheaper chinese branded mobile phones and you check the incoming and outgoing traffic you will see that there is a load of traffic from advertisements which I consider malware as I did not agree to have them on my phone. I have had a couple of Chinese phones and some of them even had pop up adverts in chinese right from a factory phone. If you just Google about this it will bring up a load of different results. China is fucked up and they get away with it despite regulation from the USA. The USA have only banned certain big brands but its the smaller ones spreading like wild fire.
There's a saying going around: "if you've been given something for free, you're likely the product". Cheap phones aren't that cheap for nothing, I remember even Amazon had some very very cheap smartphone that was only cheap due to the ads it had everythere throughout its system. We're still so far away from creating privacy-focused mobile phones, and we're still so far away from having people care for real about their privacy.. Unfortunately, not even Bitcoin will make people care more. At least not enough people, because most are in just for the gains..
Saidasun (OP)
Sr. Member
****
Offline Offline

Activity: 334
Merit: 275


View Profile
July 18, 2021, 08:36:10 PM
 #11

I disagree I think Bitcoin has launched a new type of attitude and I think the emergence of privacy coins have proven that too. People are more aware of their privacy and how to protect in modern times than they were just 10 years ago and I think Bitcoin has been important in educating people about privacy in every day things including their currency.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!