There certainly are idiot MBAs (and non MBAs), and perhaps the ratio is too high in the USA, but based on the pre-eminent businesses in the USA, I wouldn't say it's "the" culture.
One of the reasons Intel failed and TSMC succeeded is because Intel was unwilling to pay what the other big tech companies were paying (and part of that pay is with RSUs which stock buybacks help offset). However, for workers in Taiwan, TSMC was the best option, so TSMC could pay less.
Intel failed because the idiot MBAs refused to invest in keeping their lithography process the best in the world. Instead they spent $100 billion on stock buy backs.
Persistent bootkits trivial to install
No verified boot chain
Firmware implants survived OS reinstalls
No hardware-backed key storage
Encryption keys extractable via JTAG/flash dump
Modern Secure Boot + hardware-backed keystore + eFuse anti-rollback eliminated entire attack classes. The median user's security posture improved by orders of magnitude.
Arguably yes. By preventing entire classes of attack real users are never exposed to certain risks in the first place. If it were possible it would be abused at some rate (even if that rate were low).
It's not that trusted computing is inherently bad. I actually think it's a very good thing. The problem is that the manufacturer maintains control of the keys when they sell you a device.
Imagine selling someone a house that had smart locks but not turning over control of the locks to the new "owner". And every time the "owner" wants to add a new guest to the lock you insist on "reviewing" the guest before agreeing to add him. You insist that this is important for "security" because otherwise the "owner" might throw a party or invite a drug dealer over or something else you don't approve of. But don't worry, you are protecting the "owner" from malicious third parties hiding in plain sight. You run thorough background checks on all applicants after all!
This is absurdly paranoid with absolutely zero evidence. For embedded and mobile threat models where physical access or bootloader unlock is possible, eFuses are effectively mandatory for robust downgrade prevention
Agreed that robust downgrade prevention is necessary. However it's not paranoid at all and the problem isn't limited to eFuses. A network connected device that the vendor ultimately controls is a device that can be remotely disabled at the vendor's whim. It's like a hardware backdoor except it's out in the open and much more capable.
The Islamic theocracy in charge of Iran is deeply unpopular due to its repression and severe mismanagement of the Iranian economy. It has cut Iran off from the Internet.
"We should all be more sceptical"
This is very ironic coming from someone who actually believes anything the Iranian theocracy says. They are even less honest than Trump.
> The Islamic theocracy in charge of Iran is deeply unpopular due to its repression and severe mismanagement of the Iranian economy
Here's a way of saying that in a less propaganda'y way: "The Iranian government is unpopular because of the impact of US sanctions, which have made the lives of ordinary citizens mucher harder than they need to be."
> It has cut Iran off from the Internet
Because foreign-backed terrorists were using Starlink terminals to communicate, and the security services needed to find them, and stop them; at least, that's what Iran claims, and it at least makes sense.
The Iranian government is unpopular because of the impact of US sanctions, true, but those sanctions did not come out of nowhere. They are largely caused by the actions of the Iranian government. So that government does not get a pass because the pain comes from sanctions. It's still the consequences of their own actions.
Iran's economic problems include massive resource diversion to IRGC enterprises, funding for foreign militias (Hezbollah, Houthis, Iraqi PMFs), and systemic corruption that predates the harshest sanctions. The Rial was already collapsing under Ahmadinejad's mismanagement. They have refused to invest in modern water distribution infrastructure. Attributing it all to sanctions is the regime's own preferred narrative.
Iran has cut internet access during every major protest 2017, 2019 (where they killed 1,500+ protesters in a week), 2022 after Mahsa Amini. The pattern correlates perfectly with domestic unrest, not with any "terrorist" incidents. The Starlink justification appeared after they'd already established the shutdown. You're taking their post hoc rationalization at face value.
You accused me of propaganda, then in the same breath presented the Iranian government's exact talking points as reasonable alternatives. That's the irony I was pointing out. You're not being skeptical you're being selectively skeptical, which is worse than being credulous because it masquerades as critical thinking.
If you want to argue the US has done bad things in Iran (1953 coup, shooting down IR655, etc.), sure. But "the regime isn't that bad, actually" requires ignoring their own documented behavior.
reply