this post was submitted on 26 Jul 2024
310 points (98.1% liked)

Technology

59653 readers
2807 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] BobGnarley@lemm.ee 6 points 4 months ago (4 children)

Its a "trusted" execution environment for the system. So basically, it has access over your entire system and there's no way to know what it is doing because it is proprietary and many people and third party security groups have expressed concerns about it before and asked them to open source the code that runs it and they will not do it.

Intel has a similar system the Intel Management Engine but you can disable that after bootup and also run it on open source bios so that it is essentially neutered. You cannot do that with AMD.

The NSA disables and removes Intel ME on their systems, so it seems like there's a very real threat from these proprietary systems that have complete and entire control over every aspect of the machine and software running it.

[–] daellat@lemmy.world -3 points 4 months ago* (last edited 4 months ago) (3 children)

So you called it spyware but now you say you dont know what it is doing. So which one is it?

[–] BobGnarley@lemm.ee 7 points 4 months ago (2 children)

The fact that you can't discern what it is doing and it can't be disabled makes it invasive software. There's no shortage of qualified experts who agree with what I said and many others who point out glaring security vulnerabilities that come with using it. I linked a few for your convenience.

https://www.eteknix.com/nsa-may-backdoors-built-intel-amd-processors/

https://www.theregister.com/2018/01/06/amd_cpu_psp_flaw/

https://www.phoronix.com/news/AMD-PSP-Disable-Option

I'd say with all of the above at the very least its invasive software that has complete access to your system and all of its files and processes.

Spyware by definition is "Any malicious software that is designed to take partial or full control of a computer's operation without the knowledge of its user." The fact that you can't look into what all it can do makes it capable of doing this.

[–] daellat@lemmy.world -3 points 4 months ago* (last edited 4 months ago) (1 children)

Perhaps I'm being pedantic, but even in your quoted definition we don't know that it's spyware. Because 1) we don't know if it takes full control 2) it's there with our knowledge. I still can't agree to your conclusion in your first comment that it is. It might be, but I'd phrase that differently.

blablabla more blabbering around the point below: just pure speculation of what it could possibly be worst case scenario.

Spyware by definition is “Any malicious software"

Cool, but since you have no idea whether or not its malicious calling it spyware is false.

[–] trolololol@lemmy.world 2 points 4 months ago

Media definition of spyware for data privacy purposes is exactly that. The difference here is that this is a tool that can be leveraged to make a copy of all the data in your computer and put it on the cloud, among other things. Tik tok and Facebook can't do that and are subject to much bigger scrutiny.