He risked his neck. When Edward Snowden chose to expose the U.S. National Security Agency (NSA)'s mass surveillance Leviathan, and that of its British counterpart, GCHQ, 10 years ago, he put his life on the line. And he has always declared he has never regretted it. But years after his act of extraordinary courage, the Snowden archive remains largely unpublished. He trusted in journalists to decide what to publish. In an article published in June 2023, by Guardian Pulitzer prize winner Ewen MacAskill - who flew to Hong Kong with Glenn Greenwald and Laura Poitras to meet Edward Snowden - McAskill confirmed that most of the archive has not been made public. "In the end, we published only about 1 percent of the document,” he wrote. What does the 99 percent of the Snowden archive contain? A decade on, it remains shrouded in secrecy. A doctoral thesis by American investigative journalist and post-doctoral researcher Jacob Appelbaum has now revealed unpublished information from the Snowden archive. These revelations go back to a decade but they remain of indisputable public interest: the NSA listed Cavium, an American semiconductor company marketing Central Processing Units (CPUs) - the main processor in a computer which runs the operating system and applications - as a successful example of a "SIGINT enabled" CPU vendor. Cavium, now owned by Marvell said it does not implement back doors for any government. · the NSA compromised lawful Russian interception infrastructure, SORM. The NSA archive contains slides showing two Russian officers wearing jackets with a slogan written in Cyrillic: "you talk, we listen". The NSA and/or GCHQ has also compromised "Key European LI [lawful interception] systems. · among example targets of its mass surveillance program, PRISM, the NSA listed the Tibetan government in exile.
A decade after Snowden exposed NSA’s mass surveillance in cooperation with the British GCHQ, only about 1 percent of the documents have been published, but three major facts can finally be revealed thanks to a doctoral thesis in applied cryptography by Jacob Appelbaum.
The PSP itself represents an ARM core (ARM Cortex A5[6][circular reference]) with the TrustZone extension which is inserted into the main CPU die as a coprocessor. The PSP contains on-chip firmware which is responsible for verifying the SPI ROM and loading off-chip firmware from it.
Critics worry it can be used as a backdoor and is a security concern.[3][4][5] AMD has denied requests to open source the code that runs on the PSP.
The PSP also provides a random number generator for the RDRAND instruction[10] and provides TPM services.
Then who makes the coprocessor that is inserted into the die?
Looking into more details of the boot process, it seems like the UEFI manufacturers such as AMI or Phoenix might be the best place to insert a pre-OS boot back door. The PSP (CCP) is just what is used to bootstrap before this step in the process.
The Cavium stuff mentioning RNGs being compromised reminded me about this recent headline about fTPM RNG being wonky on some AMD motherboards.
https://www.theregister.com/2023/07/31/linus_torvalds_ftpm/
Probably not related, right? I wonder who the fTPM manufacture is for these boards.
A discrete TPM has a separate manufacturer. The AMD fTPM is made by AMD, and they have already explained the issue.
https://en.m.wikipedia.org/wiki/AMD_Platform_Security_Processor
Yes, exactly. It has similar concerns to Intel ME (and its fTPM). “I wonder who the fTPM manufacturer is” makes no sense.
Then who makes the coprocessor that is inserted into the die?
Looking into more details of the boot process, it seems like the UEFI manufacturers such as AMI or Phoenix might be the best place to insert a pre-OS boot back door. The PSP (CCP) is just what is used to bootstrap before this step in the process.
https://www.igorslab.de/en/inside-amd-bios-what-is-really-hidden-behind-agesa-the-psp-platform-security-processor-and-the-numbers-of-combo-pi/