remotelove@lemmy.ca
on 06 Mar 2025 14:03
nextcollapse
So… All of them?
sugar_in_your_tea@sh.itjust.works
on 06 Mar 2025 14:28
collapse
Does it count as “China made” if the firmware is FOSS and I load it myself? NICs and boards are pretty much all made in China, but how far does this go?
remotelove@lemmy.ca
on 06 Mar 2025 14:40
nextcollapse
It depends on how bad China wants your porn. There could be secondary MCUs that are designed to completely bypass the original firmware. (Think Intel ME)
That is not very practical for consumer grade gear, but still possible.
sugar_in_your_tea@sh.itjust.works
on 06 Mar 2025 14:42
nextcollapse
Hmm, it’s pretty spicy porn.
Ajen@sh.itjust.works
on 06 Mar 2025 16:09
nextcollapse
Wifi chips have their own firmware that could have a backdoor. If it’s connected to the CPU over PCI-E or another interface that supports DMA then it’s also able to inject code into the main system even if it’s running FOSS firmware.
It seems that a few router types have WiFi + SoC setups now. (Like ones using the IPQ4019, for example.)
While that doesn’t significantly reduce the risk of something nasty, it would limit places for nasty code to hide. Well, “hide” in the traditional sense, like on another chip entirely.
However, I haven’t really looked into any drivers to see how these SoC’s are segmented to see if its really any different than the old MCU + WiFi chipset setups.
admin@sh.itjust.works
on 07 Mar 2025 01:34
collapse
This reminded me of a real life story, from the tip or my tongue so details might be inaccurate, but I remember hearing that a/the main MINIX maintainer, all of the sudden, started getting bug reports or some type of feedback from somebody, that ended up being an Intel employee looking to use MINIX for either ME or AMT.
In short, these hardware devices are 100% capable of having their own independent OS, processes with kernel and all, totally obscured from the end user.
earphone843@sh.itjust.works
on 06 Mar 2025 17:00
collapse
Yes, it counts. Hardware backdoors are absolutely a thing.
piccolo@sh.itjust.works
on 06 Mar 2025 14:39
nextcollapse
And replace them with american spyware? Nice try NSA
sugar_in_your_tea@sh.itjust.works
on 07 Mar 2025 13:48
collapse
Mine’s European, but actually Chinese.
_haha_oh_wow_@sh.itjust.works
on 06 Mar 2025 14:59
nextcollapse
threaded - newest
So… All of them?
Does it count as “China made” if the firmware is FOSS and I load it myself? NICs and boards are pretty much all made in China, but how far does this go?
It depends on how bad China wants your porn. There could be secondary MCUs that are designed to completely bypass the original firmware. (Think Intel ME)
That is not very practical for consumer grade gear, but still possible.
Hmm, it’s pretty spicy porn.
Wifi chips have their own firmware that could have a backdoor. If it’s connected to the CPU over PCI-E or another interface that supports DMA then it’s also able to inject code into the main system even if it’s running FOSS firmware.
It seems that a few router types have WiFi + SoC setups now. (Like ones using the IPQ4019, for example.)
While that doesn’t significantly reduce the risk of something nasty, it would limit places for nasty code to hide. Well, “hide” in the traditional sense, like on another chip entirely.
However, I haven’t really looked into any drivers to see how these SoC’s are segmented to see if its really any different than the old MCU + WiFi chipset setups.
This reminded me of a real life story, from the tip or my tongue so details might be inaccurate, but I remember hearing that a/the main MINIX maintainer, all of the sudden, started getting bug reports or some type of feedback from somebody, that ended up being an Intel employee looking to use MINIX for either ME or AMT.
In short, these hardware devices are 100% capable of having their own independent OS, processes with kernel and all, totally obscured from the end user.
Yes, it counts. Hardware backdoors are absolutely a thing.
And replace them with american spyware? Nice try NSA
Mine’s European, but actually Chinese.
Best I can do is flash custom firmware.
Edit: See this helpful comment below if you’re interested! sh.itjust.works/post/33900457/17108468
This is what every normie should be doing.
Bought a router but it wanted me to get an account with a "proper" email address.
Lol wtf good thing Foss chads were already cooking haha
For anybody else considering…
EU commission should be urging Europeans to ditch US products and services 🤷
Anti Commercial-AI license
Openwrt
Opnsense
Pfsense