
@PawelK Finding a viable exploit would open PCs and Servers powered by AMD.

@PawelK The security keys are no joke. The security seems to be mainly handled by the PSP and the TPM thing. I think the new consoles also have the "Pluto" chip which is another layer. My guess is that the Pluto chip is intended to stop such attacks.

Perhaps they got sloppy and something could be revealed by RE the New Consoles to find out how to exploit the Decade old hardware.

@PawelK Lenovo has terrible firmware and it was so bad that it revealed some PSP secrets. Security on the Xbox One is much better. I believe they used a more advanced TPM or equivalent and that is not on the CPU. It's a real challenge unless one has advanced machinery, which is less costly now due to die size, as the goal of the security team was to make the console require more money to crack than the retail price.

The Security Team said that and kinda hinted that the processor was the way to crack it. So it would require more precision than the ~1mm gaps I can solder. It might require something in the 14nm range.

@PawelK That's a great question. Perhaps the Ethernet port would reveal useful information. I considered using two. Without a very expensive lab, the best route I saw was Ethernet. I believe the PSP communicates over Ethernet to verify new firmware and potentially other things. There should be a path to the PSP through Ethernet.

@PawelK AMD implemented the ARM core on the CPU die in 2013. I have an A10 without it and an A4 with it. It's physically on the die and controls the CPU functions. AMD still has this on their CPUs.

If you want information about it there was a certain Lenovo laptop that had it in the UEFI. It was reverse engineered. A problem quickly arises with exploiting the PSP and that would be a series of checksums. Microsoft signed code would need to be run to get in that way. That's why I thought of an FPGA to inject code directly to the processor. The ARM core is running an RTOS and could potentially be hit through Ethernet.

The ARM core has complete control of the CPU. I believe it has TrustZone too. Own the ARM core and, there's an exploit for many AMD processors, beat the other security checks to free the system.

All that work on securing the hardware and they still used garbage thermal paste.

@PawelK All of that just to run Linux. That was my goal and also to save a rather capable device from becoming e-waste.

8 cores on the Jaguar arch (pre Zen) and 8GB of GDDR5, I think, are the reward. The containers used for emulation and apps only allow around 4GB to be utilized. It's still a custom chipset but close enough that an exploit on the PSP could potentially work.

I was thinking about using an FPGA with 20K LUTs to intercept or change some checks. The system is locked down tight. I think it's a Cortex A7 core that resides in the Processor.

Everything about the original Xbox One was a solid design. I hate the X Clamp but I understand that it could expand under heat to make better contact with the CPU. They understood that cold air sinks and exhausted the hot air up through a nicely designed duct. They still used garbage thermal paste on the chips.

I couldn't get ahold of my Arctic Silver 5 that I trust so I bought some thermal paste from Best Buy. The active ingredient is Zinc Oxide (yes the same as sunscreen) and it actually brought the temperatures down.

The GPU has an equivalent in computers. It just makes me angry that the potential is just wasted on games. The fast RAM is the most impressive part as a Laptop A10 quad core from the previous gen can perform about 75% as well. The newer models X and S have more powerful hardware but the security seems to be about the same.

@PawelK I wasn't inactive while I was silent. I have a problem with the Xbox One and it not being cracked. 8 cores and fast memory are very useful. It seems that the only feasible way to run unauthorized code is through browser exploits.

It seems to me that only going after the AMD Secure Platform ARM core and hitting the TPM would result in a usable break. I had various ideas about how to exploit it but that system is the most secure Microsoft product of all time.

@PawelK No I haven't but there was a large effort to replace SCADA years ago and I helped with our solution. I don't know what was picked but it wasn't our work. (The story was leaked but still I am hesitant to say anything about it.)

I highly doubt that I could win something put out by DARPA. That would mean going up against the brightest minds at MIT, UCB and other spooky Universities. I could try.

@freemo Deadpan comedy was great. Looks like I picked the wrong week to quit amphetamines.

@freemo I read that and recall the scene in Naked Gun where Nielsen asks for a Black Russian.

@lupyuen I have a feeling that will be an ongoing process for a while for you. Must be fun though, I wish I did more EE stuff.

Me, I'm exhausted, been working too long and too hard to get this company merged and onto the stock market, it's draining. I just arrived in Thailand for 5 weeks though so hopefully the food and change of scene here will be a refresher.

Glad to hear you are doing well.

@freemo I'm doing great! Still porting NuttX RTOS to PinePhone. How about you?

@freemo Libertarian views here, big government and the incestual cocktail parties of both sides prevent any meaningful changes taking hold. They morph societal rules into an unwinnable game. The Left is The Right and we are all living in their constructed reality and fighting the fights they want us to fight.

Divide and Conquer, so much for E Pluribus Unum.

@AmelieH@mastodon.social A hollow stainless steel tube that is perfectly safe if used correctly. It goes in the mouth and not the nose.

@freemo Masculinity: Doing something wrong so force can be used to accomplish the objective.

Femininity: Doing something the easy way.

They both work and complement the other. If the easy way doesn't work, use force. If force doesn't fix the problem, perhaps something obvious was overlooked.

It's a classic family tale, dad is usually stubborn and wrong and mom is right.

@freemo Borsht is pretty good but I only know of Lithuanian Jewish style Borsht. You have cabbage, potato, rye bread, fresh dill and broth. It's pretty tasty and a good way to feed many people without many resources.

Perhaps I forgot to mention drinking alcohol. Perhaps the fresh dill was what I enjoyed because it brought me back to being a child and eating pickles during the summer to avoid heat cramps.

Borsht is better than heat cramps hands down.

@thor The Julia Set is a subset of the Mandelbrot Set. Mathematics is my first love. Would you like a relationship to a seemingly unhinged man obsessed by numbers or are you too self centered to accept being less attractive than such a simple area of Mathematics?

Perhaps I say too much, I would like to learn more about you. A Degree in Art? You have more career opportunities than me. Have you seen a Mandelbrot fractal zoom?

If you say no, there's a Physicist down the bar from me and further from him is an Engineer.

I don't think I've mentioned it yet but welcome to hell.

@PawelK @hn100 Part of me clings to America and what it stands for. Maybe it impairs my ability to do research but I always feel indebted to my homeland. Perhaps I could help change it for the better and it would be my duty to do so. That's the way I see it.

With that being said, working with people from other countries is what I enjoy. Perhaps I will look into CZ Universities and see if there are individuals or groups that would not mind having another researcher on their work. I would learn from them and hopefully they could learn from me.

It would be academic research and I would have more protection from angry corporations. I could potentially get work published and that is very impressive on a CV. Despite my reservations about locking up knowledge, or knowledge being owned, I would gladly work towards a mutual goal.

Yes I would work in research but from my homeland and going through a foreign University. Hacker Score -40 but it is very much the same end goal. It seems to be the best option for both honing my skills and becoming more attractive to employers.

Qoto Mastodon