AMD+Microsoft secured-core server, and what does it mean for open source?


This joint AMD+Microsoft announcement means a lot to open-source and security-conscious people: the closed-source concept of "security by obscurity" doesn't work, and, unlike Intel and the rest of the competition, AMD DRTM (Dynamic Root of Trust for Measurement) can use a 100% open-source stack, with no dependencies on binaries with questionable redistribution licenses.

There was a rumor at the Open Source Firmware Conference 2020 that the SMM Supervisor is going to be open-sourced. Thanks to AMD moving the RAM init complexity from the BIOS to the ASP (aka PSP) firmware, /u/CyReVolt has made progress porting the oreboot open-source firmware to his Ryzen board, and Open Source Firmware Vendors (OSFV), like /r/3mdeb, could deliver open-source firmware to more AMD Ryzen platforms!

All this should give OEMs a lot of flexibility and high-end security, and reduce the dependency on the closed-source, royalty-fee-based models of the BIOS vendors of the previous era. Some discussion on Twitter with Microsoft's Director of OS Security:

EDIT: if you'd like to learn more about AMD DRTM with open source, the TrenchBoot developers are holding a nice online conference on March 24th –

