44 comments

[ 2.7 ms ] story [ 108 ms ] thread
> China blocks use of Intel and AMD chips in government computers

With ME and PSP there, this is no wonder. Why took them so long ?

Lack of any viable alternatives
They have had an amd clone chip for a while now... https://en.m.wikipedia.org/wiki/Hygon_Information_Technology

Also whether loongarch is any good is anyone's guess.

This basically means 'we're migrating everything to linux'.

The outcome will probably be good for the opensource world.

When Red Star OS (붉은별) was discussed a while ago, all the built-in telemetry and tracking was pointed out.

I think the intervening years have proven that what the DPRK did explicitly, all the western proprietary OS vendors have also done, implicitly.

(comment deleted)
I was talking to a friend, he was asking how come I always mention the deep state[0] in the context of western countries, but never in the context of ... others. And it dawned on me that maybe it's because the deep state is the state in those other countries (explicit) whereas we mask it with a thin layer of democracy (implicit). I dunno, your comments just triggered this memory.

[0] (not in a hugely conspiratorial way, just the bureaucracy, bureaucrats, lobbying that don't change between transitions are are sort of running the place)

If you haven't seen them, Yes, Minister and Yes, Prime Minister are excellent (up to a point?) explorations of the agency issues between a permanent civil service and an ephemeral political leadership. (see also https://en.wikipedia.org/wiki/Abba_Eban#Family )

> whereas we mask it with a thin layer of democracy

I understand China has a yearly meeting where a few thousand regionally elected delegates get together and vote on various national proposals for the year to come...

https://en.wikipedia.org/wiki/National_People%27s_Congress

http://www.npc.gov.cn/zgrdw/englishnpc/Special_12_2/index.ht...

Just saw the 1st episode, great start, thank you for the recommendation!
> whereas we mask it with a thin layer of democracy (implicit)

Pretty much every country does that; or at least every kinda-functional country. But they do it differently (their local version) which might not be quite obvious to you externally if you don't understand the culture.

> we mask it with a thin layer of democracy

Clearly all governmental systems are designed to broadly maintain a status quo, and there aren’t really any truly democratic governments, but societies like the United States are still significantly democratic in their bones because, even with centuries of trying, power is nowhere near as centralized as in totalitarian regimes. Local and state governments have the greatest influence over the day to day of ordinary people and ordinary people are much more capable of influencing them.

> even with centuries of trying, power is nowhere near as centralized as in totalitarian regimes

My grandma's house is older than the centuries the US has existed.

> Local and state governments have the greatest influence over the day to day of ordinary people and ordinary people are much more capable of influencing them

Is this actually true? Are ordinary people more capable of influence than lobbying groups?

It doesn't mean they contribute to upstream.

Ironically while UNIX clones might be the outcome of trade wars, that doesn't mean FOSS will benefit from it.

Specially when IP, national security, and code hosting servers become part of the whole picture.

Long term we will be back to cold war days where Open means ISO and Open Group kind of paper standards instead of actual code.

Well, when more coders learn foss derived tools, they'll certainly end up outside the confines and then contribute'
If we are back to cold war days of computing, there will be a quite different way of contributing, forget about anything FOSS from the last 30 years.

Started coding in 1986, and can clearly see how the ongoing trade and actual wars, can bring us back to those computing days.

Thered at least be more security evaluations.
Upstreaming stuff seems way easier than having to patch everything every update?
Not when it is a matter of national security.
I agree, but no sensitive stuff should be upstreamed.
How does that have anything to do with linux? It's the microcode.
So do I have this right for the current situation?

    Eastasia - own production of h/w and s/w
    Eurasia - focus on h/w to make h/w;
      otherwise imports from Oceania
    Oceania - s/w in the core, h/w at the periphery;
      currently attempting to re-centralise h/w production
(it is a sad day when the FT —a british rag— offers but a single word mentioning Arm?)
I don't consider FT to be British. It's strongly of international character.
(comment deleted)
Except for the crosswords, which -- thankfully -- are still British (and by extension, Cryptic).
The lengths you have to go to for a ME-free or PSP-free computer is insane. I wish someone made a viable alternative. ARM isn’t great, as you can’t run Qubes.
Isn't ARM's TrustZone equivalent to ME/PSP on Intel/AMD?
TrustZone allows you to boot an OS that keeps separate memory from the main OS. It is used to do cryptography and other secure computation while keeping its secure parts hidden from the OS. There are open source OSes that run in TrustZone - eg. Trusty, Optee.

ME is firmware that you don't have any control over (it comes from the CPU marker, packaged with the BIOS) and is used to manage the machine for remote access(not specifically nefarious).

They are quite different in their purpose and more importantly implementation.

ME is a bit more than that. To enable remote access functionality, the ME has:

  * Access to all memory of the host device.
  * Ability to make and receive network requests, transparent (invisible) to the host device.
  * Access to all other communications, buses, and devices of the host device.
  * Can execute CPU commands at the highest privilege level.
  * Accepts updates that are signed by Intel's signing key.
This means that it's quite possible for a web page to deliver a series of "magic bytes" that a backdoored ME listens to, and then immediately executes instructions.

Various controls, like the UK and Australia, have laws in force that can compel companies like Intel to sign using its signing key.

Before you think this doesn't affect someone in the US, it is widely known that five-eyes uses each other's capabilities and privileges and acts collectively.

This feels like a way to force demand for their in house chips despite them not being entirely competitive yet.
It feels that way, because that is the exact intent.
Or they're just doing a,mirror of American policy decisions.

Which is more boring.

Yall get paranoid and thing your paranoia has no effect on your interactions.

There are also large benefits in making it harder for Washington to spy on Beijing. I saw a news report 15 years ago or so saying that the Kremlin went back to using mechanical typewriters out of worry that Western intelligence agencies can exfiltrate data from the Kremlin's computers.
Ha, yet the US was gifted a wooden frame with an antenna inside (no battery) to listen to convos
Good move. At least they understand the threat of digital colonisation. Wish my country, India, did so too. Instead we are just leaking more and more personal and private data.
If I record both Intel and AMD have CPU ME-free or PSP-free made for specific clients. China have their own version of x86 CPU although not as advanced. AMD also has a JV with Zen 2 IP.

All while they are matching ahead with RISC-V. Alibaba and Huawei have been pouring resources into making sure RISC-V is competitive, both on hardware and software.

Has the list of approved chips leaked? I would be very interested to see what they consider to be alternatives.