<asciilifeform>
can see if it is in your particular box.
<asciilifeform>
( my understanding is that all boxes where the http://www.loper-os.org/?p=2415 debug cable works, have it. )
lurchi__ is now known as lurchi_
aalm has joined #linux-rockchip
<paulk-gagarine>
adj_, definitely not
lurchi_ is now known as lurchi__
<paulk-gagarine>
asciilifeform, have you tried getting UART for it?
BenG83 has joined #linux-rockchip
lurchi__ is now known as lurchi_
<asciilifeform>
paulk-gagarine: i had uart earlier this wk, http://p.bvulpes.com/pastes/XPFXr/?raw=true ( this is prev ver, in then flashed in google's next image to get the rma unlock command )
<asciilifeform>
cr50 uart shows up on /dev/ttyUSB0 via my selfmade usb 'suzyq'
<asciilifeform>
ttyUSB1 is ec uart; 2 is AP (cpu) uart
<asciilifeform>
3 is a fw upgrade intake; 4 and 5 possibly same but for ec and spi bootrom for cpu
<asciilifeform>
in re cr50 uart, the only useful thing you can do from it in 'production' ( consumer machine ) rom, is to read version
<asciilifeform>
in 3.4 rom you can also attempt the rma unlock ( see my post today ), but google's www will simply laugh at you when you go to fetch the magic decrypted code.
<paulk-gagarine>
anyway it defeats the purpose of a TPM to allow reflashing by anyone else than the manufacturer
<asciilifeform>
it isn't merely a box for storing keys.
<asciilifeform>
it's an intel-style nobus rootkit.
<paulk-gagarine>
yeah scratch that
<paulk-gagarine>
they've done it once, they could have done it twice
<paulk-gagarine>
I really need to ask why things were done that way
<asciilifeform>
for the obvious reason, imho.
<paulk-gagarine>
?
<paulk-gagarine>
DRM?
<asciilifeform>
e.g. fbi can vacuum up the contents of 'locked' cbook, or plant 'evidence' without leaving a trace, or insert, during baggage inspections or in hotel, keyloggers, etc
<asciilifeform>
and google made is deliberately difficult for the machine owner to detect or interfere.
<asciilifeform>
'tpm' was a bait and switch from day 1, back when it was 'palladium', and pushed by ms
<asciilifeform>
and plenty of folks, e.g. rms, understood in 1990s, and warned.
<asciilifeform>
and 'market choice' is a sick joke, where exactly do i buy a ~new~ laptop without fritz chip.
<paulk-gagarine>
that line of reasoning is inconsistent with most of the previous choices they made
<asciilifeform>
their 'openness' is a front.
<paulk-gagarine>
I don't buy that. At all.
<asciilifeform>
then explain cr50.
<paulk-gagarine>
probably something related to glued displays
<asciilifeform>
'open but for this nsa backdoor' is not what people typically think of as 'open'.
<paulk-gagarine>
but I will ask the relevant questions to the relevant people and find out
<paulk-gagarine>
I think you're missing the fact that if there was no signature at this point, the device would be fully vulnerable to any attack under this model
<paulk-gagarine>
it was definitely not designed as a backdoor
<asciilifeform>
it is a backdoor, in that it privileges some physical attackers over others.
<paulk-gagarine>
oh I'm not questioning that
<paulk-gagarine>
I'm saying it was not designed as one
<paulk-gagarine>
there's a difference
<asciilifeform>
a plain old, e.g., floppy disk, is not 'vulnerable', anyone who finds it, can read, write
<asciilifeform>
cr50, on other hand, is specifically a nsa nobus smoking gun.
<paulk-gagarine>
have you read about the cros security model?
<paulk-gagarine>
it really feels like you're missing most of the points
<asciilifeform>
the 2014 page ?
<paulk-gagarine>
and focusing on one specific aspect
<asciilifeform>
written when cr50 did not exist.
<asciilifeform>
it is the only aspect that matters ! 'other than that, mrs lincoln, how was the play?' !
<paulk-gagarine>
ok so maybe learn about it, you might gain a different perspective
<asciilifeform>
nope.
<asciilifeform>
i read the whole published src.
<paulk-gagarine>
ok then I guess there's not much point in discussing motivations I suppose
<asciilifeform>
the only thing that remains for me to learn, is how to break it.
<lurchi_>
asciilifeform: can you please stop ranting, its quite annoying for anyone following this channel
<paulk-gagarine>
you absolutely lack elements to get a clear idea
<paulk-gagarine>
but I agree with your conclusions
<paulk-gagarine>
which is what matters to end users, anyway
<paulk-gagarine>
lurchi_, erm, maybe don't pay attention if you don't like what people are saying?
<asciilifeform>
i'ma bbl. i think my article speaks for itself and contains ample proof of all of my hypotheses.
<paulk-gagarine>
lurchi_, this is definitely in-topic
<paulk-gagarine>
asciilifeform, disagreed
<paulk-gagarine>
lurchi_, please be respectful to others :)