Emasontweni athile edlule omunye wozakwethu lapha kubhulogi ukhulume ngomsebenzi kaSlimbook wokusebenzisa iCoreboot kumakhompyutha abo, lapho ngenxa yokuthi abasebenzisi babo abaningi benze izicelo zayo, uSlimbook ulalele ucingo lwabo (ungafunda inothi eligcwele kulesi sixhumanisi).
Okwalabo namanje abangazi ngeCoreboot, kufanele bazi ukuthi lokhu kungenye indlela evulekile yomthombo wohlelo lwendabuko lwe-Basic I / O (BIOS) ebesevele ikuma-PC we-MS-DOS 80s futhi esikhundleni sayo kwafakwa i-UEFI (Unified Extensible). Isixhumi esibonakalayo seFirmware) esikhishwe ngo-2007 manje i-NSA isiqalile ukwabela onjiniyela kuphrojekthi yeCoreboot.
U-Eugene Myers we-NSA useqalile ukuhlinzeka ngekhodi yokusebenza ye-SMI Transfer Monitor (STM) ebheke kuma-x86 CPUs.
U-Eugene Myers usebenzela i-NSA's Trusted Systems Research Group, okuyiqembu, ngokwe-website yalesi sikhungo, elihlose "ukuhola nokuxhasa ucwaningo kubuchwepheshe namasu azovikela izinhlelo zezokwazisa zaseMelika."
I-STM iyi-hypervisor eqala kumodi ye- "System Management" (SMM), indawo ehlukanisiwe ye- "ring -2" lapho ukwenziwa okujwayelekile kohlelo lokusebenza kuphazamiseka khona ukuze ikhodi yohlelo (ukuphathwa kwamandla, ukulawulwa kwehadiwe, njll.) ingaqhutshwa ngamalungelo aphezulu.
Ifemu ikhiphe imininingwane ye-STM (uhlobo lwe-VMM olusingatha imishini ebonakalayo equkethe ikhodi ye-SMM) kanye nemibhalo yesici sokuphepha se-STM firmware ngo-2015.
Ekuqaleni, i-STM bekufanele isebenze nge-Intel TXT release, kepha imininingwane yakamuva ivumela i-STM ukuthi isebenze kuphela ne-Intel Virtualization Technology (VT). I-TXT ibinganele ukuvikela lezi zinsizakalo ekuhlaselweni kanti i-STM ihlose ukwenza njalo.
I-NSA esebenza kumaphrojekthi womthombo ovulekile?
I-NSA isivele isebenze kumaphrojekthi wezokuphepha avulekele umphakathi, kufaka phakathi i-Linux Enhanced Security, imodyuli yezokuphepha yeLinux.
Ukugxekwa kokusebenza kwe-NSA kukhulu futhi akuhlali njalo. Ngakho-ke, akuvamile ukuthi iNational Security Agency ibonge iqhaza layo emphakathini.
Kodwa-ke, esimweni sephrojekthi yakho yomthombo ovulekile womphakathi, izosetshenziselwa ukusiza abasebenzi beCoreboot.
Ngokucacile ngokuthe xaxa, i-NSA ikhiphe ithuluzi lobunjiniyela le-Ghidra reverse njengomthombo futhi lamukelwe ngabathuthukisi beCoreboot.
Umqondo ngukuthi isoftware ye-NSA izosiza iProjekthi ye-Coreboot. Ngokuqondile, ku-firmware yeReverse Engineering.
IGhidra uhlaka lobunjiniyela oluphindayo ithuthukiswe yiNSA Research Division yeNSA Cybersecurity Mission. Isiza ekuhlaziyweni kwekhodi enonya ne-malware, njengama-virus, futhi inika amandla ochwepheshe ukuthi baqonde kangcono ukuba sengozini kwamanethiwekhi abo nasezinhlelweni zawo.
Yonke ikhodi yeCoreboot, kufaka phakathi yonke iminikelo ye-STM evela ku-NSA, ingumthombo ovulekile. Ngokombono, wonke umuntu angaqinisekisa ukuthi ayikho iminyango yangemuva.
Njengoba le phrojekthi ingaveli kwi-NSA, kodwa iphrojekthi abakhethe ukufaka isandla kuyo. Ngakho-ke, ngababhali beCoreboot ababhekele ukwamukela noma ukungamukeli iminikelo evela kwaNSA.
Kepha empeleni, i-NSA ibingabhala ikhodi ingavikelekile kangako ngobungozi obunzima ukuthola ngaphandle kwabaphenyi abanolwazi olunzulu lokuphepha. Ngenye indlela, ungakusebenzisa lokhu kuqaliswa eminyakeni edlule, ngemuva kokubhekwa.
Njengoba kungeke kumangaze ukubona lolu hlobo lwesenzo luvela kwi-ejensi efana ne-NSA.
Njengoba i-NSA isanda kuzama ukuhambisa ama-cryptographic algorithms amabili kunqubo yokumiswa kwe-ISO, ama-algorithms enqatshelwe kakhulu ngababuyekezi ngenxa yokuntula ukwethembana kanye nokwehluleka kwe-NSA ukuphendula imibuzo ethile yobuchwepheshe.
Ekugcineni, labo abanentshisekelo yokwazi ukuqhubeka kwephrojekthi, bangaxhumana nalokhu Kulesi sixhumanisi esilandelayo.
Ngisho, empeleni? futhi bazoyithemba yini?
Into yokugcina angayenza kungaba ukwethemba isoftware yeNSA kanye "nezinhloso ezinhle" zayo. Ama-spy ejensi anjalo kufanele anqatshelwe ukunikela ngesoftware yamahhala ngoba ayayonakalisa.