NSA implants backdoor in CorebOOT

Enjoy your mathematical backdoor bro

tomshardware.com/news/nsa-contributes-low-level-stm-coreboot,39704.html

Attached: 34432322-8.png (966x869, 325K)

Other urls found in this thread:

phoronix.com/scan.php?page=news_item&px=Ghidra-Coreboot-NSA-RE
en.wikipedia.org/wiki/PRISM_(surveillance_program)
twitter.com/NSFWRedditImage

>tomshardware

I'd rather get my "facts" from fucking facebook

Here is another source :3

phoronix.com/scan.php?page=news_item&px=Ghidra-Coreboot-NSA-RE

>mathematical backdoor
sounds pretty technical

Attached: hackingman.jpg (480x360, 11K)

oh no, not source code! i might have to read it and discern what it does based on what is black and white :(

Wow you mean if someone has physical access to my PC and mobo that my security could easily be compromised?

Fuck man no way! Thanks toms's for providing me with very useful info yet again!

Attached: 1519860742831.png (480x466, 139K)

>Implying that Linux kernel isn't backdoored

What's funny is when idiots on Jow Forums croon that open source and free software alternatives, with publicly accessible source code, is secure when that means the NSA can take that source code, inject their own spyware into it and replace the original source code of the original programmer without Jow Forums noticing.

I guess it shows how intelligent Jow Forums truly is.

What's funny is you will not return to this thread this day, this week, or this year with proof of the NSA injecting spyware into open source projects

Wow what a great counter argument. On the one hand we got tons of documented cases of three letter agencies fucking with all kinds of stuff even rerouting routers and switches and installing their custom firmware on them before sending them to the original receiver. On the other hand we got some assblasted faggot on Jow Forums saying nothing ever happened.
Yeah I for one sure am gonna trust your great source known as my fucking arse faggot.

Because the code is so well hidden. Just look at Ubuntu's spyware :^)

no i totally believe that and its why i have invested in open source. but coming here and saying that auditable software is full of injected spyware is like saying the sky is falling. go ahead and prove it ill wait.

those are proprietary firmwares they are replacing.. im talking about them upping malicious code to github with their @nsa.gov email addresses. go ahead and prove me wrong!

what does any of that assblasted rant have to do with what he said?

>Hurr Tor isn't compromised because it's open sores
See And how do you know that the code you have online is the original, uncorrupted code by the original programmer and not the NSA? How do you know exactly what code was injected by the NSA and where, if you're illiterate in whatever programming language that project was made in (which you clearly are illiterate in most programming languages other than script kiddy shit like python)?

That is not at all what he claimed or implied though? But sure strawmanning is fun.

NSA has entire warehouses dedicated to intercepting computer parts and installing code before it reaches you. If you ever ordered something online, it's not secure.

why did you start a new thread when this one is here?

You even took the same screenshot. Use the fucking catalog next time.

if you can prove itt that the nsa compromised tor, with like, nsa.gov git signatures, that would be very impressive to me. i dont tihnk you can, but i dont know for sure!

if youre saying an open source project has been compromised and you suspect the nsa, :^)

i use a librebooted machine, to answer the second half of your post. how do i know im not being mitm? i guess thats your inquiry... i guess i could check pgp signatures of iso's and use a sensible distro that does the same for my packages.

why are you trying to lecture anyone on security when you don't even know what hashing is? fuck off dumbass.

>if you can prove itt that the nsa compromised tor, with like, nsa.gov git signatures, that would be very impressive to me
>Implying a spy agency would be so careless, that they wouldn't hide their effort to spy on you
Summerfag went full retard here. First shitposting a new thread when there's already one, then going retarded over the truth.

>Samefagging
What's to say the NSA can't alter hashes? It sure looks like you do some hashing yourself; do you roll your own?

>i use a librebooted machine
What's to say that it's not really the NSA-modified coreboot firmware, only renamed and given a fake hash to make it look like it's libreboot firmware?

And why are you so retarded to think that they'd leave evidence of their wrongdoings?! You really are a naive little twat.

>It sure looks like you do some hashing yourself; do you roll your own?
Why is my humour so shit that I laughed at that.

Attached: 1549158470435.jpg (1024x1024, 209K)

are you conflating security and privacy again

Because your life is shit, that you think you know about how espionage works when you're a middle-school pre-growth neckbeard.

What would happen if the flat out refuse to accept the patches? It would be a pretty big shitstorm

You wot mate? I haven't posted in this thread before that but okay whatever you say user.

How private do you think your computer would be, if a spy agency embedded their own code to securely spy on you? Sure it's secure for them, but for you? :^)

You'd probably get v& for trumped up charges like not calling a tranny by their preferred pronoun.

and you?

What about me? How do you know I'm not an agent for the NSA? And how do I know you're not?

why would it matter if i was

im still waiting for proof the nsa did anything shady, but i think this thread will be gone in an hour

Because that would mean that we'd be spying on each other if we were both agents. :^3

and guilty of wasting government resources?

en.wikipedia.org/wiki/PRISM_(surveillance_program)

>Waiting for proof
>When spies are trained to cover up their tracks
If only you were smart enough to realize your low middle-school grades qualify you for summer school.

Typical underage retard.

There's no point trying to point retard to actual sources. He wants us to find comments in ubuntu's source code that says "Copyright 2001-2019 NSA. All rights reserved" and "The next 3 lines define what data we extract from your browsing habits"

i missed the part where they anonymously submitted binary patches and not publicly submitted open source code

i want those who make wild claims to back them the fuck up or sit back down

You missed the part where I said they'd directly bypass the original programmer's log in, to overwrite their source code as if they were the original programmer.

>Doesn't back up his own claims
>Wants others to
Nothing new in the ol' Hungarian straw hat weaving forum.

and those contributions are also open source right

are you familiar with the burden of proof? it means that when you accuse someone of something, you have to proof beyond a doubt they did it. innocence until proven guilty.

Right, but it's not like you'd be intelligent enough to be able to audit said source because they won't have comments like "Change variable spy_on_user to enabled to enable spying on users"

>What's to say the NSA can't alter hashes? It sure looks like you do some hashing yourself; do you roll your own?
Kek
Did you ever heard about PGP?

when you have proven that the nsa has used open source code to compromise coreboot, go ahead and post this thread again! but until then i think youre just wasting time >

Can we just finally fucking get to the point where people stop claiming open source means jack shit?
If it's open source AND audited, good. If not consider it to be just as potentially pozzed as something that you don't have the source code for or are you people seriously trying to tell me you personally look through the code for every program every time there is any change to it?

You're the one who accused us first of not having the proof in spite of every report since Snowden and PRISM. That means the burden of proof is on you to refute those facts.

>hasing
>PGP
What the fuck are you even trying to say there? What the fuck does PGP have to do with ANYTHING in this thread?

Attached: 1554938255155.jpg (700x700, 209K)

something could possibly be true is not the same as something is verifiably true, and the burden of proof is on you, the accuser.

>He doesn't knot the NSA has successfully created onion sites and exit nodes to track Tor users
My sides.

>He doesn't knot the NSA
Furries get out

>Still wanting to find comments in Ubuntu's code to show that an NSA agent contributed to the Amazon icon
You really are retarded.

Snowden showed collection of data, PRISM is data collection, when did coreboot get dragged into this?

coreboot wasnt even established until 2016 according to coreboot dot whatever

When the NSA implemented a means to ease the unauthorized collection of data into it.

This is awesome, I have to screencap this. Educate yourself what PGP is and what you can do with it.
You stupid idiot.

what does it refer to in this sentence

unauthorized by whom

I laughed. I'm the guy who made the hash joke, unironically not the braindead retard who doesn't know what PGP is.

>Hurr I'm illiterate
You asked when coreboot got dragged into PRISM, so I told you it was when the NSA implemented a means to ease the unauthorized collection of data into it. Sorry you're a middle-school retard who can't read.

The user is who, idiot.

>PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications.
So now tell me what does PGP encryption have to do with hashing or the NSAs ability to perform hash collision attacks you turbo nigger?

It's a solid article and talks about NSA's exploits in history via open source as well.
They're gonna just wait till the news dies out and then contribute some backdoor in it.

prism predates coreboot, and prism still exists, that means that (according to your logic) coreboot was never trustable

Prove there's a backdoor, schizo.

Freetards BTFO

Go and be 12 years old somewhere else

Not anymore it's not. That's the whole point of the OP, you mongoloid.

Don't encourage him to find a comment in the code that reads "Edited by Agent 374 of NSA."

nothing has changed though, except that now the nsa has actually commited to their repo. can you point to the commits where they injected malware?

and by nsa i mean, the official nsa email address nsa

I thought the burden of proof was on you because you're the one denying that the NSA has been doing anything to keep PRISM alive, yet accusing us of not knowing how spying works. Besides, you claim to be the smarter one, so prove your intelligence by auditing the code yourself.

youre wrong but ill entertain you anyway.

prism is alive, and predates coreboot, therefore coreboot could never have been trusted, it was infected from day 1, in fact all internet connected activity since prisms inception has not been trustworthy, making this all a charade? i guess...

btw i have audited the entire source code and found no wrong doing. feel free to prove me wrong by auditing it on your own time if you dont believe me :^)

>since prisms inception
I can tell you weren't born before 2001.

The internet was compromised since 2001, when George Bushed declared the PATRIOT Act, which enabled the NSA to compromise the internet without the knowledge of the people.

Therefore, by your logic, everything created since November 2001 was infected.

>btw i have audited the entire source code and found no wrong doing
Then post the results of your wrong doing, or else we can safely assume that you're an illiterate cuck who can't read either source code or English.

WILL LIBREBOOT PROTECT ME?

Nothing was safe since 2001. Nothing will protect you unless you program it yourself and keep it closed source from the rest of the world.

Currently going analog now. I will minimize motherboard activities

Paranoid retard

That's where you're wrong. Everything's insecure & public by default to comply with the NSA

didnt snowden confirm that the NSA picked off a few cisco routers en route to a customer and modded them?

>a few
Much more than a few, it was routine

>it was routine
they had a dedicated department with fulls time staff

>a dedicated department
the NSA is a shipping company that sometimes gets to inject their code into some packages

>NSA is a shipping company
The United States postal service, is secretly an arm of the US government!

>Secretly
USPS, DHL and UPS are all branches of NSA, CIA and FBI.

You can only trust FedEx and Purolator now.

>cuck
>tech-illiterate meme spouter
Okay, so you're on the spectrum. Go watch Luke Smith and meme with 10 year old Jow Forums memes.

doing
I'm not the previous user but I also conducted an independent audit and found no errors so the NSA hasn't done anything wrong.
Feel free to prove evidence to the contrary though.

> nsa
> involved in supplying code to the industry
shocking news there, faggot. also, it's open source. so, likelyhood of a backdoor being introduce and nobody spotting it: fucking slim, you intellectual retard.
>I'd rather get my "facts" from fucking facebook
i agree. tomshardware is an embarrassment.

>Calls others retarded for knowing about the PATRIOT act
>Still thinks that the NSA is a myth
I love how much of a retarded sheep you are. Go back to the Middle East and get your ass dilated by a couple of terrorists.

>I'm not the previous user but I also conducted an independent audit and found no errors so the NSA hasn't done anything wrong.
>Feel free to prove evidence to the contrary though.
Can you actually PROVE you've done an "independent audit?" :^3

>it was routine
JEJKd
Time to powder your ass and diaper.

schizo

Dual_EC_DRBG

Now fuck off.

Appeal to ignorance fallacy

when your ideology says everyone is equal to everyone else and there and one of the goals is to get rid of the hierarchy, everyone is equal so the nsa and fbi is equal to any other programmer and this is what you get.

glow harder faggot

Heads protects from that. There is also this thing called signing and hashing of binaries you know.

>USPS, DHL and UPS are all branches of NSA, CIA and FBI
NSA and CIA are divisions of USPS, it's ogre