From mboxrd@z Thu Jan 1 00:00:00 1970 From: Danny Milosavljevic Subject: Re: [PATCH 7/7] gnu: Enable CONFIG_HOTPLUG_PCI. Date: Fri, 3 Feb 2017 18:45:23 +0100 Message-ID: <20170203184523.4db07c12@scratchpost.org> References: <20170201233531.2640-1-david@craven.ch> <20170201233531.2640-7-david@craven.ch> <20170202202006.03597708@scratchpost.org> <20170202214159.2901d3e4@scratchpost.org> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:41265) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cZhvQ-0005Vy-B6 for guix-devel@gnu.org; Fri, 03 Feb 2017 12:45:33 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cZhvN-0002iA-2M for guix-devel@gnu.org; Fri, 03 Feb 2017 12:45:32 -0500 Received: from dd1012.kasserver.com ([85.13.128.8]:57302) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cZhvM-0002hW-Rw for guix-devel@gnu.org; Fri, 03 Feb 2017 12:45:28 -0500 In-Reply-To: List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: David Craven Cc: guix-devel > If the device has internal storage and if someone wanted to > target you and did have the resources to do so, they could reflash the > chip and you'd never know. They can't if it's read-only (and if they are without physical access to the room). On the other hand, if they had physical access they could do anything - they could replace your entire computer with a prop that just waits for you to type your unlock key. Of course the situation where they can reflash it remotely whenever they want but you can't reflash it at all is the worst of all possible situations - but it's not the same as option 3.