Alan <alan@xxxxxxxxxxxxxxxxxxx> writes: > (realistically it's much easier and safer to drop in on the AMD CEO > and arrange a silicon back door than to try and hide one in > software), And its probably easier still to doctor the firmware on the disk drive to do nasty things. Who checks that??? (Eg. a random key written as unprivileged user data could be a command to the firmware to do something that violates security such as changing disk data or divulging some secret. This command key could even be written to disk as the result of something relatively innocuous such as receiving email or logging an HTTP transaction.) -wolfgang
