This maybe a dumb question but i became paranoid all of a sudden and wanted some answers because i can’t find it anywhere else nor can i sleep without it. Like even if i did flash linux on a lets say amd laptop couldn’t the chip itself be spying on me ? Also i understand bootloaders are stored or rom is there a way to know what else is stored on it are roms open source ? Are cpu’s open source and companies like asus store their logos and shit on their mother boards so what else could they be storing ? Are there open source alternatives for these parts ? Are we all being privacy cautios for nothing ? I know we can use firewall but wouldn’t the chip integrated have the ability to bye pass it ?

I know there are linux laptops but having a pre installed linux and some switches isn’t gonna solve the problem do they use open source roms and motherboard ? Are there any fully open source chipsets ? I want to know the same about smartphones too ?

IMPORTANT EDIT : Please don’t suggest alternatives like dumb phone i wanna know if there is any way to know or ensure we are not spied upon while using smartphones or laptop . And i don’t care about my os spying on me or the apps apps or web spying on me all i wanna know is if the hardware i use are spying on me and if not how do you know ? . Also which is better in terms of open source and privacy intel or amd ?

ANOTHER IMPORTANT EDIT : I am also not concerned by my isp tracking me or someon hacking me as i said all i care about is the hardware doing me in .

LAST EDIT I HOPE : AS I SAID MULTIPLE TIMES AND STILL PEOPLE UNDERSTAND IS I DON’T CARE IF ANYTHING OTHER THAN THE HARDWARE IS SPYING ON ME . LIKE ARE YOU TELLING ME THAT TOP CYBERSECURITY WORKERS OR ELITE HACKERS ARE JUST HOPING THEIR HARDWARE IS NOT SPYING ON THEM AND THERE IS NO WAY FOR AN ELITE HACKER OR CYBERSECURTY WORKER TO ENSURE THEY ARE NOT BEING SPIED BY THEIR HARDWARE OR IS THERE NO OTHER FULLY OPEN SOURCE HARDWARE THEY CAN BUY ?I’M NOT INTERNET SHOUTING OR WANTING TO BE RUDE I JUST WANNA GET THE POINT ACROSS ALSO PLEASE DON’T AVOID THIS AND ANSWER SOMETHING ELSE I JUST WANNA KNOW THIS SPECIFIC THING.

EDIT: LET ME MAKE IT VERY CLEAR I’M JUST A RUN OF THE MILL GUY BYING RUN OF THE MILL LAP AND PHONE AND USING IT I AM NOT BEING TRACKED BY NSA I’M SURE OF THAT BECAUSE I AM NOT THAT INTERESTING EVEN IF I WERE ITS NOT THE QUESTION UNLESS THE CIA OR NSA IS MAKING 1000 OF LAPS TO CATCH ME . YOU HAVE NO OBLIGATION TI ANSWER ME AND I AM GRATEFULL FOR YOUR ANSWERS BUT PLEASE ANSWER WHAT I WANT TO KNOW I FEEL LIKE YOU GUYS AND GALS DON’T EVEN COME CLOSE TO THE SUBJECT.

  • sbv@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    4
    ·
    9 months ago

    If one can show that the device is not secretly communicating via RF nor via the internet, I think it is unlikely that the device is spying on them.

    The best you can learn is that you didn’t detect communication while you were listening.

    Security researchers typically assume that attackers know the systems that will be used against them.

    An attacker could evade this trap by waiting to phone home.

    Or the hardware could encode information in timing by subtly delaying data leaving the device.

    Or it could sneak information out in the pseudorandom data that it uses to set up secure connections.

    Or it could use stenography to encode data in your photos.

    • SalamanderA
      link
      fedilink
      arrow-up
      1
      ·
      9 months ago

      Or the hardware could encode information in timing by subtly delaying data leaving the device.

      Or it could sneak information out in the pseudorandom data that it uses to set up secure connections.

      Or it could use stenography to encode data in your photos.

      You are right, if the attacker behaves in these ways, the approaches I described would not catch them. I think that the use of stenography to encode data in photos would be relatively easy to check for if one suspects that this is happening and if the attacker can’t stop it from happening automatically. But I don’t know how one would check for pseudorandom data and identify timing delays, this sounds more difficult to detect.

      I can see how these techniques would be useful to extract a specific pieces of information. For example, it be useed to extract username and passwords, encryption and crypto keys, and some files. I am not sure about the extent to which an attacker using these techniques would be able to spy in a more general sense - for example, whether they will manage to stream live webcam video or continuously send activity information. These techniques sound more sophisticated and targeted than what I would expect to see in a “spy chip” integrated into consumer electronics, but I could very well be underestimating the attackers.