Question: Has Your Computer Got a Backdoor?
Answer: Almost Certainly!
In 2009 and 2013, two US companies (Intel and AMD) introduced malicious functionality into their processors. These processors are used in every mainstream desktop and laptop computer.
On Intel systems, this functionality is in the Intel Management Engine Firmware.
What is the Intel Management Engine more specifically? The Intel Management Engine consists of an independent CPU that runs a proprietary piece of software. This software is responsible for a variety of system functionality such as power management. Some of the functions are important to the workings of the machine. Other functionality is not.
The problem is that Intel and AMD have been uncooperative in releasing the complete set of corresponding source code to this component. This means that NO ONE can check the integrity of the software running on it, and manufacturers are prevented from designing truly secure computers. As a result, EVERY SYSTEM IS COMPROMISED out of the box.
This is extremely dangerous. We know that this software contains remote access functionality and could be utilized by governments and criminal groups to gain unauthorized access to any machine they like. Thanks to gag orders and other financial incentives, these companies cannot tell us about such backdoors even if they wanted to. They have to say, and have been saying, 'no such backdoors exist'. They are under threat of imprisonment if they do not comply.
Backdoors are Hidden in Plain Sight...
The remote access features of Intel and AMD's CPUs are billed as a feature for system administrators. In reality, these features are nothing less than backdoors hidden in plain sight that we cannot disable, remove, or even examine for security reasons.
...And Proprietary Code Hinders Searching for Vulnerabilities
Additionally, even if we somehow could determine that there is not a backdoor, there is still a threat posed by the proprietary nature of the code. Currently, it is impossible to do a proper security audit of any mainstream computer. Any security vulnerabilities that are found by other nation states or criminals can be exploited without the knowledge of the public.
If we had the sources and a proper security audit could be performed, we would at least have a chance of locating these vulnerabilities and fixing them. However, Intel and AMD not only prevent us from easily working out what is on the backdoor processor; because of the secret keys, we also could not put our own reverse-engineered code on it.
We have already observed numerous backdoors, exploits, and other malware shipped in routers, phones, computers, and other devices. These backdoors have been inserted into proprietary components.
Solution? A New Computing Standard to Help Address Backdoors: EOMA68
To overcome this GLOBAL SECURITY CRISIS, we need a new standard that allows us to build devices off of CPUs and other chipsets where we have the complete set of corresponding source code, thereby handing back control to users.
This has been extremely difficult because of the way computers and other technologies are traditionally designed and developed. With so much unwanted stuff being integrated into key components, it has been challenging to come up with the components necessary to build laptop and desktop computers without hardware backdoors.
Think Penguin has been sponsoring development of the EOMA68 Computing Standard in view of the urgent need for a long-term solution. EOMA68 is a modular Creative-Commons-licensed standard that enables us to easily adapt computer designs when companies designing key components become hostile to free software. For example, with EOMA68, if one company refuses to release source code, the design allows for easily switching to a different CPU. Prior to the EOMA68 Computing Standard, it was extremely expensive to switch from one line of CPUs to another (and often the whole design would need to be scrapped).
What is an EOMA68 Standard Computer Card?
The EOMA68 standard is being used to make tiny computers that fit in the palm of your hand. Because it uses the legacy PCMCIA of the 90s, a Computer Card can be slipped into your wallet. Just like memory cards, EOMA68 Computer Cards can be easily plugged into many kinds of devices. However, EOMA68 Computer Cards are the CORE of the computer. They contain the core components like CPU, RAM, video output connectors, USB ports, and similar. You simply plug in your own screen, keyboard or mouse.
Initial Offerings: Micro Desktop and 3D Printed Laptop Housing
The inaugural line of EOMA68 computing devices is now being offered to the public through Crowd Supply, a crowd-funding website that has been particularly supportive of innovative high-tech products.
The beauty of a Computer Card is that one card gives you multiple options. Stick it into the Micro Desktop Housing, and you have a desktop unit that you can connect to your monitor, keyboard and mouse. Remove it from the Micro Desktop Housing (easily done in SECONDS) and pop it into the 3D Printed Laptop Housing...and presto! You now have a laptop! The 3D Printed Laptop Housing contains a screen, keyboard and touchpad.
Just Pop in a New Card to Upgrade
In the future, the same EOMA68 Computer Card could be inserted into other products being developed including Tablet Housing, Router Housing or similar. EOMA68 not only allows for maximum flexibility, but also simple upgrades. Want to upgrade the processor? Just pop in a new Computer Card for around US$65. Done!
One of the first Computer Cards being offered is called the Libre Tea Computer Card because it is not dependent on any proprietary bits for core functionality. This gives it the potential to be used in a secure, freedom-friendly computer design. In addition, neither the desktop nor the laptop housing is dependent on any proprietary software. And as the name implies, you can make new parts for the 3D Printed Laptop Housing if you accidentally crack a corner or just want to swap colors.
If you are interested in a safer computing environment, please check out the EOMA68 Crowd Funding page and support our effort to gain back control over our devices:
Earth-Friendly EOMA68 Computing Devices