A decade after Snowden exposed NSA’s mass surveillance in cooperation with the British GCHQ, only about 1 percent of the documents have been published, but three major facts can finally be revealed thanks to a doctoral thesis in applied cryptography by Jacob Appelbaum.
According to Jacob Appelbaum, The Intercept - the media outlet co-founded by Glenn Greenwald and Laura Poitras to publish the Snowden files - is no longer in possession of the documents. "I was informed that they destroyed their copy of the archive", Appelbaum tells us.
I thought this was an interesting tidbit. It's been a minute since I heard anything about Appelbaum. A while back he had some metoo type allegations, but I never really paid attention to what became of that or him afterward.
https://www.theverge.com/2019/10/2/20895270/jacob-appelbaum-peter-todd-rape-allegations-defamation-bitcoin-tor
This is the most recent news that pops up about that controversy.
I don't disagree with Appelbaum, however, that it's a little bit unconscionable that those files were destroyed. There's a lot of valid criticism in the way Wikileaks does things, with a large data-dump, but it never really felt like we actually got the full picture of what was happening with the Snowden files, with so much of it never actually being published or written about.
I do wonder if Laura Poitras still has a copy, but as a filmmaker who works less in information security, it seems more doubtful.
The Cavium stuff mentioning RNGs being compromised reminded me about this recent headline about fTPM RNG being wonky on some AMD motherboards.
https://www.theregister.com/2023/07/31/linus_torvalds_ftpm/
Probably not related, right? I wonder who the fTPM manufacturer is for these boards.
A discrete TPM has a separate manufacturer. The AMD fTPM is made by AMD, and they have already explained the issue.
https://en.m.wikipedia.org/wiki/AMD_Platform_Security_Processor
The PSP itself represents an ARM core (ARM Cortex A5[6][circular reference]) with the TrustZone extension which is inserted into the main CPU die as a coprocessor. The PSP contains on-chip firmware which is responsible for verifying the SPI ROM and loading off-chip firmware from it.
Critics worry it can be used as a backdoor and is a security concern.[3][4][5] AMD has denied requests to open source the code that runs on the PSP.
The PSP also provides a random number generator for the RDRAND instruction[10] and provides TPM services.
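The thread above touches two different worries about the PSP/fTPM RNG: a source that is simply broken (the "wonky" fTPM output behind the Linux kernel discussion) and a source that looks fine but is not trustworthy (the Cavium-style backdoor concern). The following is an added example, not code from the thread, Wikipedia, AMD or any vendor: a few cheap health checks on a raw RNG byte stream in the spirit of the continuous tests in NIST SP 800-90B. The sample streams are constructed inline; the limits, the seed values and the suggestion that a TPM's RNG is read through /dev/hwrng are assumptions.

```python
# Added example (not from the thread, Wikipedia, AMD or any vendor): cheap
# health checks for raw RNG output, in the spirit of the continuous tests in
# NIST SP 800-90B. They catch a stuck or biased source; they say nothing about
# a source whose output looks uniform but is predictable to whoever holds a
# secret, which is the backdoor concern the thread raises.
import hashlib
from collections import Counter

SAMPLE_LEN = 65536  # bytes examined per assessment (assumed window size)


def monobit(data: bytes) -> float:
    """Fraction of 1 bits in the stream; a healthy source sits near 0.5."""
    ones = sum(bin(b).count("1") for b in data)
    return ones / (8 * len(data))


def byte_chi_square(data: bytes) -> float:
    """Chi-square statistic of byte frequencies against a uniform model.

    255 degrees of freedom: mean 255, standard deviation about 22.6, so a
    value above 360 is roughly a 4.6-sigma event for a genuinely uniform source.
    """
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(v, 0) - expected) ** 2 / expected for v in range(256))


def repetition_count(data: bytes) -> int:
    """Longest run of identical consecutive bytes (SP 800-90B repetition count test)."""
    longest = run = 1
    for prev, cur in zip(data, data[1:]):
        run = run + 1 if cur == prev else 1
        longest = max(longest, run)
    return longest


def assess(data: bytes, bias_limit: float = 0.02, chi_limit: float = 360.0,
           run_limit: int = 5) -> dict:
    """Run all three checks and flag the stream if any of them trips.

    run_limit follows SP 800-90B's cutoff C = 1 + ceil(-log2(alpha) / H) with
    alpha = 2**-30 and the full 8 bits of entropy per byte a raw RNG should give.
    """
    bias = monobit(data)
    chi = byte_chi_square(data)
    run = repetition_count(data)
    healthy = (abs(bias - 0.5) <= bias_limit
               and chi <= chi_limit
               and run < run_limit)
    return {"monobit": bias, "chi_square": chi, "max_run": run, "healthy": healthy}


def _counter_stream(seed: bytes, length: int) -> bytes:
    """Deterministic CSPRNG stand-in (SHA-256 over a counter) for constructed samples."""
    out = bytearray()
    i = 0
    while len(out) < length:
        out += hashlib.sha256(seed + i.to_bytes(8, "big")).digest()
        i += 1
    return bytes(out[:length])


# Constructed samples. On a real machine `data` would come from the device under
# test, e.g. a read of /dev/hwrng (assumption: the kernel exposes the TPM's RNG there).
HEALTHY_SAMPLE = _counter_stream(b"constructed seed", SAMPLE_LEN)   # passes, yet fully predictable
STUCK_SAMPLE = b"\x00" * SAMPLE_LEN                                 # a dead generator
BIASED_SAMPLE = bytes(b & 0xF0 for b in _counter_stream(b"biased", SAMPLE_LEN))  # low nibble stuck

if __name__ == "__main__":
    for name, sample in [("healthy", HEALTHY_SAMPLE), ("stuck", STUCK_SAMPLE),
                         ("biased", BIASED_SAMPLE)]:
        print(name, assess(sample))
```

The point of the "healthy" sample is the caveat: it is a SHA-256 counter stream that sails through every check while being entirely determined by a short seed. Statistical health tests detect the first class of failure (stuck, biased, stuttering hardware) and are worth running continuously on any hardware source; they cannot detect the second class, which is why the provenance and reviewability of the RNG firmware matters independently of how good its output looks.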
Yes, exactly. It has similar concerns to Intel ME (and its fTPM). “I wonder who the fTPM manufacturer is” makes no sense.
Then who makes the coprocessor that is inserted into the die?
Looking into more details of the boot process, it seems like the UEFI manufacturers such as AMI or Phoenix might be the best place to insert a pre-OS boot back door. The PSP (CCP) is just what is used to bootstrap before this step in the process.
https://www.igorslab.de/en/inside-amd-bios-what-is-really-hidden-behind-agesa-the-psp-platform-security-processor-and-the-numbers-of-combo-pi/