Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Only sane way to reduce the risk of back doors is to have proper open architecture for at least the basic motherboard functionality, and then fully utilize IOMMU to limit what the devices can do.

... hahahaha, yeah right.



Believe it or not, I recently got a new Lenovo laptop with the intention of IOMMU-ing it as much as I can internally.

I haven't let it talk to a network or much USB yet, so I'm hoping it's still secure.


Very interesting actually. I would enjoy reading about how well you manage to pull that off; it seemed to me that support for IOMMU is still broken in both software and firmware, but I very well might be wrong.


OK, I'll try to document my journey. It'll be at extendedsubset.com, which is down right now, but I'll bring it back in the next few days.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: