It had become pretty obvious that our computer “ownership” is far from “true ownership” in that outside parties affect many aspects of our usage. In many cases they can change how we do our work or blur the line on what we own.
Microsoft recently decided that it was unilaterally changing the location, format, and content of my work desktop Outlook GUI. To hell with my established workflow, and since I was a mere end-user they felt no notification was even needed.
Microsoft has absolutely no science presented – no ergonomics studies, no survey results, no study of the screen types users actually use, nada…
Basically they somehow feel they “own” our work computers.
Now not to throw mud at just Microsoft, Apple has decided that they “own” any hardware purchased from them and feel they are entitled to run scans of local files, reporting back to Apple what they find.
Now at first blush this a slightly less annoying, excepting the end user had to “trust Apple” that their scans are truly limited to the claimed purpose.
Since they have already broken trust breaking into run scanning processes, there is no real reason to suddenly trust them on the parameters only they control.
These are just two examples of how we “imagine we are secure” when we are actually being “violated with a smile” by the vendors who sold us our computer gear.
Since 2008 new Intel processors have had IME (Intel Management Engine) onboard https://en.wikipedia.org/wiki/Intel_Management_Engine
Not to be left behind, AMD added a similar feature starting in 2013, “AMD Platform Security Processor” https://en.wikipedia.org/wiki/AMD_Platform_Security_Processor
Now at the same time we are told these “features” cannot be used to surveil us, our government demands the features be disabled for their machines:
Dell began showing certain laptops on its website that offered the “Systems Management” option “Intel vPro – ME Inoperable, Custom Order” for an additional fee. Dell has not announced or publicly explained the methods used. In response to press requests, Dell stated that those systems had been offered for quite a while, but not for the general public, and had found their way to the website only inadvertently. The laptops are available only by custom order and only to military, government and intelligence agencies.
Some people claim that keeping their PC disconnected from the internet is security.
Perhaps not so much security in reality.
As part of our home QTH modem and Opnsense router replacements, my Sonos speakers found themselves orphaned. So the Sonos system asked me to enable the microphone on my cellphone, so it could “find a speaker.” Apparently using subaudio or ultrasonics, the cellphone finds, and provisions a Sonos speaker. The speaker then peer-shares the configuration revisions across all of the Sonos gear.
Very handy, yes?
A stark example of breaking a “computer air gap” and further propagation though.
The XYL received an email that our Refrigerator wanted a firmware update, which could be delivered in the same fashion if we hadn’t hooked the refrigerator to the internet (we haven’t)! For what possible purpose does a refrigerator require connectivity, have autonomous connectivity capabilities, and have a need for a firmware update?
I hope you have connected the dots as I have jumped around highlighting various incongruities in our electronic worlds.
Though we may have paid to purchase an electronic item – a pc, a kitchen appliance, or arguably a ham radio – our purchase doesn’t result in “clean ownership.”
Rather we become partners with an unknown set of entities who often chose to not even tell us the full capabilities of what we have purchased. Not a very good start on building trust.
Windows XP/Sempron 3000+, Opera Mail mail client (did not change, only updated) I continue to ignore the so-called progress, as you can see, I calmly write a comment on your blog. Manufacturers lie. It is obvious.