From ef770e025ec648ac68ddeb13927afce5f7aeda35 Mon Sep 17 00:00:00 2001 From: Adam Joseph Date: Sat, 15 Oct 2022 12:24:27 -0700 Subject: [PATCH] doc: remove unfinished footnote (mispush) --- doc/owner-controlled.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/doc/owner-controlled.md b/doc/owner-controlled.md index eddb153..e65c2b1 100644 --- a/doc/owner-controlled.md +++ b/doc/owner-controlled.md @@ -18,9 +18,8 @@ Clarifications: By using a chip as your CPU you are, of course, trusting that its manufacturer hasn't included a hardware backdoor. Why shouldn't you trust software from that same manufacturer to run at the highest privilege level on the same device? -A hardware backdoor or bugdoor can be publicly demonstrated to exist once discovered, and is "perfectly undiscoverable" only if it is never used. Immutable proof of crime or incompetence is in the hands of every customer. Discovery would be catastrophic for the manufacturer, both reputationally and financially[^1]. I can easily trust that my hardware manufacturers are existentially terrified of this outcome, even in the face of government pressure. Properly-designed *software* bugdoors, on the other hand, are practically risk-free (especially when designed in coordination with hardware) and cost little to remediate. +A hardware backdoor or bugdoor can be publicly demonstrated to exist once discovered, and is "perfectly undiscoverable" only if it is never used. Immutable proof of crime or incompetence is in the hands of every customer. Discovery would be catastrophic for the manufacturer, both reputationally and financially. I can easily trust that my hardware manufacturers are existentially terrified of this outcome, even in the face of government pressure. Properly-designed *software* bugdoors, on the other hand, are practically risk-free (especially when designed in coordination with hardware) and cost little to remediate. Trust, but deblobbify. -[^1]: the fact that at least one form of the [Spectre vulnerability](https://en.m.wikipedia.org/wiki/Spectre_(security_vulnerability)) affected every