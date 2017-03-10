Message For AMD: Open PSP Will Improve Security, Hinder Intel 5
futuristicrabbit writes: AMD has faced calls from Edward Snowden, Libreboot and the Reddit community to release the source code to the AMD Secure Processor (PSP), a network-capable co-processor which some believe has the capacity to act as a backdoor. Opening the PSP would not only have security benefits, but would provide AMD with a competitive advantage against rival chipmaker Intel. Lisa Su, the CEO of AMD, is reportedly seriously considering the change, and the community is working hard to make sure she makes the right decision. In an AMD AMA post via Reddit, user 1n5aN1aC provided several arguments for why the company should release the PSP source code to the Coreboot / Libreboot project (or publicly). The arguments center around security, economic incentives, advertising, brand perception, and mindshare. AMD replied: "Thanks for the inquiry. Currently we do not have plans to release source code but you make a good argument for reasons to do so. We will evaluate and find a way to work with security vendors and the community to everyone's benefit." The product manager for AMD, AMD_james, continued in response to a follow-up comment that claims AMD is "not considering it all but only want to appease the potential buyers." AMD_james replied: "Thanks for the feedback. Please believe me that this has CEO level attention and AMD is investigating the steps and resources necessary to support this. It is not the work of a minute, so please bear with us as we define what we can do." What are your arguments for (or against) the idea of AMD releasing the source code to the AMD Secure Processor?
GPU's (Score:1)
In the GPU arena, AMD has been pretty active in contributing the the GPU drivers, to the point newer cards can game nicely Linux systems with the in-kernel drivers.
Perhaps a similar thought-pattern will apply to other products.
Do it (Score:2)
Frankly, it would change my buying behavior if they did this. Until then, all things being equal, i'm plenty happy with my new Xeon-based laptop.
Re: Do it (Score:2)
Mine too, probably. I've gotten interested in Qubes, and I can see where having the security/management firmware for the processor open and auditable would be a good fit for increasing overall system varefiability, reducing the need for trust.
they'd want to, but... (Score:2)
Pros: it'd increase security (review), be what some customers want, give AMD an edge against Intel at no monetary cost.
Con: it's against express wishes of US three letter agencies who want their backdoors
So... no.
Is this a why-is-open-source-more-secure thread? (Score:2)
Is the premise that the C-levels at AMD are going to read
/. to discover whether open source security code is safer than closed source security code? Some of us bill by the hour for regurgitating established factual non-opinion-based security information. Hell, some of us are even salaried to do it. What's in it for us?