At some point, you’ll wonder: is my device actually running the code I expect? [bunnie] a.k.a [Andrew Huang] is passionate about making devices you can fundamentally and deeply trust, and his latest passion project is the Precursor Communicator.
At its heart is an FPGA, and Precursor’s processor is created from the gates of this FPGA. This and a myriad of other design decisions make the Precursor inherently hard to deflect, and you don’t have to take [bunnie]’s word for it – he made an entire video going through the Precursor’s architecture, boot protections and warranties, teaching us what goes into a secure device that’s also convenient to use.
If you don’t understand how your device works, your trust in it may be misplaced. In the hour-long video, [bunnie] explains the entire stack, from the lower levels of hardware to the root keys used to sign and verify the integrity of your operating system, while demonstrating how you can verify that things didn’t go wrong.
It makes sure to highlight the aspects you’d want to be careful of, from physical security limitations to toolchain nuances. If you’re not ready for a video, you can always check out the Precursor wiki, which has a treasure trove of information about the device’s security model.
As you may have learned by now, it’s not enough for hardware to be open source to be trustworthy. While open source silicon designs are undoubtedly the future, their security guarantees go no further.
Whether it’s esoteric hard drive firmware backdoors, weekend projects turning your WiFi card into a keylogger, or rootkits you can get on store-bought Lenovo laptops, heck, even our This Week In Security’s latest installment contains two amusing malware examples – there’s never a shortage of parties interested in collecting as much data as possible.