@nprofile1q... Seems grossly overblown to me. The details make it pretty hard to exploit and certainly not able by my reading to tell what else is running on your machine. There are much easier ways to do that.

@nprofile1q... Core boot source is out there, no? openWRT is open source. So that criteria seems satisfied.
When we cannot see the code we can't say if security issue are or are not present except by the evidence from outside the code. I didn't act like anything. I asked questions in case I missed something I can actually do anything much about.

@nprofile1q... Proving the harm is the sticky part. Allegations shouldn't lead to any action but exploring the truth of it. Social media harms kids is the latest variant of video games harm kids is the latest variant of rock and roll harms kids. And all of it wants to "fix it" by giving the State more power.
Funny how that works.

@nprofile1q... Government acting like it owns any tech and those involved in it is WRONG. Full Stop.

@nprofile1q... Yeah. Global tyranny. Sovereign States, bizarre as that concept is, effectively a fiction. Any ruling asshole can extort anyone.

@nprofile1q... Doesn't have much of anything to do with arch as the packages are not linux variant specific and there is limited time and expertise to catch all issues.
In Debian it can take a lot longer for a fix to propagate. Of course that is a two-edged sword.

@nprofile1q... But what can be done with the remaining part of ME against me and in what context precisely? Show me how having an x86 coreboot router running openWRT can be successfully breached without physical presence for instance. Otherwise it is noise.

@nprofile1q... x86 is something I know very well. I don't see how mere opcode set is the problem. Coreboot is supposed to stop ME. How does it not.?

I am more interested in more private and secure systems and software. We don't have to go backwards in capability to do that. All for the good fight in depth as long as the perfect doesn't become enemy of the actually pretty good or at least much better.

2 GB of ram is worthless for most everything today So not an option.

32 GB is good. I don't buy machines except ultra portable laptops with less than 32 GB. And for small laptops nothing less than 16 GB. My physical machines are kept too busy for less.

@nprofile1q... Just read up. Very bad news and part of CALEA in US IFF you are using ISP provided modem and router (or combined as many are) . However I am safe from it ath ONT is terminated at a router I control that does not have any support for TR-069 whatsoever.

Really good for people to be aware of how government can crawl up our ass with such as this.

@nprofile1q... Yeah. First think I did with Fidium provided router is look for such stuff. They shipped it with uPnP on "as a convenience". Turned it off of course along with their other helpful "protection" that made connecting Cake Wallet over WiFI fail. And the rest of it will be replaced as soon as I finish setting up the ProtectLi.

@nprofile1q... Cool. Would love to know what the bit is and how to finagle it.

Oh Good News. My protecli has coreboot in flash.

@nprofile1q... It has been 50 years since I wrote or cared to write all the bits of an entire machine. I work today at deepest level I am willing to go to. It is enough for me. In my youth I wrote everything starting with raw hek. Now I have other things to do. And I certainly don't think that unless we go all the way to machine code that it is pointless to bother at all. That would be horrific learned helplessness.

I do not agree there is that strong evidence of BIOS backdoors to worry about. I eliminating the ISP shipped components except for the modem itself.

I think the remote management scare is a bit overplayed as it is not workable without hardware access on most machines as shipped in my understanding. .