Hardware and Privacy

[Joss]

As most of us are aware every bit of modern kit in our lives can collect and send data.
Our PCs and smart phones, consoles and TVs, our cars and fridges....

But my current worry is with the hardware inside our desktops (I use self built machines).
Nowadays one can be sure of backdoors on the CPU, mobo chipsets, BIOS... what can we do about it? How to circumvent it?
I know we can buy old hardware from 6 or 8 years ago when (we hope) things were not as bad as today, but that's not an option to me.

I'd like to hear your opinions, experiences and eventual solutions.

[Pangolin]

Most pieces of hardware being produced nowadays have hidden features that sould be meant for maintenance but can (and some times actually are) exploited for malicious/surveillance/metering purposes by a number of parties.
In short: live offline or stand the pain

[karlchen]

<moderator on>Not a Linux Mint support request, but a very common discussion topic, thread moved to "Open Chat"</moderator off>

[Habitual]

I tend not to worry about stuff I have no control over.

[HP Sparks]

Hi,

As most of us are aware every bit of modern kit in our lives can collect and send data.
Our PCs and smart phones, consoles and TVs, our cars and fridges....

But my current worry is with the hardware inside our desktops (I use self built machines).
Nowadays one can be sure of backdoors on the CPU, mobo chipsets, BIOS... what can we do about it? How to circumvent it?
I know we can buy old hardware from 6 or 8 years ago when (we hope) things were not as bad as today, but that's not an option to me.

I'd like to hear your opinions, experiences and eventual solutions.

10 to 15 years ago, I discovered the existence of #OpenHardware and people implementing their CPU cores from FPGA or quite similar approaches.
Nowadays, there are few #LibreHardware laptops project offered to the World.
For example: DIY Laptops like the Novena (1)

Most pieces of hardware being produced nowadays have hidden features that should be meant for maintenance but can (and some times actually are) exploited for malicious/surveillance/metering purposes by a number of parties.
In short: live off-line or stand the pain

I agree with you on the actual facts: "If you want to enjoy whatever IT "happiness" (.........) "seamlessly" (.........), you have to totally forget about your privacy from who ever supplies the IT technology to you." (......................................) :-/

But, I also hope that we could "enjoy" IT technology without being spied and tracked so much.
The reason is that there is a potential great danger if the "good" people lose control of their "#BigBrother" IT technology or if the "good" people turn to very bad and have plan to wipe out so many people at "once" during a peak of madness........

So, it should exist solutions to be able to stay on-line without being tracked like a criminal or terrorist, potential or confirmed.
(well, this is where the question is opening to the big headache and all kind of trolls. So, better for all of us, right know, to keep focus on the hardware questions as initiated by @Joss. )

________________________________________________________
(1) DIY Laptop Novena:
- https://duckduckgo.com/?q=novena+laptop
- - http://www.kosagi.com/w/index.php?title ... _Main_Page
- - https://www.crowdsupply.com/sutajio-kosagi/novena
- - http://www.wired.com/2014/04/novena/ (should be 100% OpenSource by now, as said a few months ago during a presentation by "Xobs" in a Hackerspace. )

[Skaendo]

There are a lot of open source hardware/firmware projects starting up. Here are a few to look at:

http://www.oshwa.org/
http://www.openfirmware.info/Welcome_to_OpenBIOS
https://libreboot.org/
https://www.coreboot.org/

I find it funny that a long time ago most software and possibly most hardware was open-source, now we have to fight to get it back that way.

[BigEasy]

I'd like to hear your opinions, experiences and eventual solutions.

No incoming connections and no outcoming connection can be made bypassing OS currently loaded. So, ignore your fears.

[Joss]

Thanks for all the answers so far.

No incoming connections and no outcoming connection can be made bypassing OS currently loaded. So, ignore your fears.

If I got it right hardware backdoors can't connect/phone home on their own, is that it?

Let's imagine a particular scenario: the OS is Linux and I only browse using a VPN provider and/or TOR; can something from outside the OS, at hardware level, access my browsing history?
Another scenario: I download files on the conditions mentioned above and save them on an encrypted HDD; are they safe from preying?

[BigEasy]

If I got it right hardware backdoors can't connect/phone home on their own, is that it?

Can, but only when your computer working under control of your hardvare's firmware. For example when you into BIOS interface.

Let's imagine a particular scenario: the OS is Linux and I only browse using a VPN provider and/or TOR; can something from outside the OS, at hardware level, access my browsing history?

Hardware can't know there is such thing as browsing history.

Another scenario: I download files on the conditions mentioned above and save them on an encrypted HDD; are they safe from preying?

Hardware knows noting about your HDD except heads, cylinders, sectors and how to write-read from there.

But your router can do anything because only OS under which it working is it's firmfare. By the way it's Linux too.

[z31fanatic]

Nowadays one can be sure of backdoors on the CPU, mobo chipsets, BIOS... what can we do about it? How to circumvent it?
.

Unplug that ethernet cable or uninstall that wireless card. That's the only way to not get hacked, tracked, or spied on if you are into conspiracies.

[LinuxJim]

Unplug that ethernet cable or uninstall that wireless card. That's the only way to not get hacked, tracked, or spied on if you are into conspiracies.

That's only the short-sighted answer.

The bigger problem is that the MAJORITY will succumb to the spying because they will lose too many conveniences by not doing so. The majority always makes the wrong decision.

And who is that majority? Your friends, colleagues, family, acquaintances... While you may be able to control access to your own technology (with great effort and expense in the near future), your activities will STILL be spied upon and tracked through the information provided freely by others - your friends, family, colleagues and acquaintances. Your cooperation and consent will not be required.

[Old Ruler]

Unplug that ethernet cable or uninstall that wireless card. That's the only way to not get hacked, tracked, or spied on if you are into conspiracies.

That's only the short-sighted answer.

The bigger problem is that the MAJORITY will succumb to the spying because they will lose too many conveniences by not doing so.

Hi Jim, I would be with the majority on that. The even bigger problem is that most of them insist on using an insecure OS and have no idea what they could be contributing to. They may just notice their Windows PC running a bit slow, while it's actually part of a DDoS attack on a major ISP. I don't even mind being spied on if it could help prevent malicious service disruption and worse - Much worse these days. Sad to admit I buy the need for it.

The majority always makes the wrong decision.

Then what of democracy?

And who is that majority? Your friends, colleagues, family, acquaintances... While you may be able to control access to your own technology (with great effort and expense in the near future), your activities will STILL be spied upon and tracked through the information provided freely by others - your friends, family, colleagues and acquaintances. Your cooperation and consent will not be required.

1984 all over again by the sound of that. That lot ain't got nuffin on me anyway and even if they did they wouldn't grass.

[Fred Barclay]

The majority always makes the wrong decision.

Then what of democracy?

They tend to collapse if you haven't noticed.
A republic somewhat negates this but we humans are pretty selfish and shortsighted. I'm afraid we'd vote ourselves into future oblivion in exchange for 5 minutes of whatever it is we want at the moment.
But I digress...

[Old Ruler]

Oh I agree as well! Those companies should fund the democracies of the countries they exploit rather than Big Brother America.

[LinuxJim]

Then what of democracy?

They tend to collapse if you haven't noticed.
A republic somewhat negates this but we humans are pretty selfish and shortsighted. I'm afraid we'd vote ourselves into future oblivion in exchange for 5 minutes of whatever it is we want at the moment.

Exactly. A republic merely filters the senselessness of the public at large and replaces it with the senselessness of its elected officials. Whether democracy or republic, the people eventually pay the consequences for their own bad decisions.

[Old Ruler]

The majority always makes the wrong decision.

Then what of democracy?

They tend to collapse if you haven't noticed.
A republic somewhat negates this but we humans are pretty selfish and shortsighted. I'm afraid we'd vote ourselves into future oblivion in exchange for 5 minutes of whatever it is we want at the moment.
But I digress...

I don't think we would. Considering how we got here; we can hardly be anything other than selfish and short-sighted. We're made that way for individual survival. But we're mostly much better informed than during previous failures. Thanks to the continuing exploitation of natural resources, we have enough wealth to be generous with our cash and with our knowledge.

We've done so well through a period of the greatest changes ever known. The changes have been relatively gradual for most of 'us', but would be much harder to accommodate, let alone understand, where they come all at once...

[LinuxJim]

Hardware knows noting about your HDD except heads, cylinders, sectors and how to write-read from there.

Not so.

http://www.engadget.com/2015/02/16/hard-drive-spyware/