Yooper
Up. Identified. Lase. Fire. On the way.
Do any of you computer aficionados out there in Forumland have any thoughts on hardware/firmware security wrt using off-brand IT?
I have always bought my computers (and other devices that can store/process my personal info) from reputable companies. I do this b/c I work from the assumption that the hardware/firmware is therefore "secure" (meaning, no backdoors in or baked-in routing instructions out that could compromise my PII). I hope that's a safe assumption....
But what if I wanted to toy around with any number of the mini PCs on offer these days at really reasonable prices from companies I've never heard of? (Take, for example, a Guzila mini PC I stumbled across on YouTube.*)
Is it safe to do so? Can I have the same assurances that what the hardware is advertised to be is? That it has not been modified? Are there off-the-shelf ways to check for misbehaving hardware instructions that are available to the non-specialist?
Or is all of this irrelevant b/c ports and instruction sets are ultimately OS driven? Or no, it's not irrelevant, so just stick to the known name brands...?
I ask not because I want to use one of these for my personal computing; rather, I was trying to figure out if it would be safe to add one to my local network for streaming/as a media server/etc. So the device would have some log-in info (let's say, to Netflix or CBS All-Access), as well as access to other devices on the local network that do have PII on them.
This is more a theoretical question than an actual one at this point because I can buy a known-brand mini PC for not too much more than one of these no name mini PCs is going for. But what if I came across a really good deal (like those that always seem on offer during the holiday season) allowing me to buy a "rig" to test out some stuff and wouldn't feel bad if I bricked it? Is there risk? Am I trading actual security for a pittance?
Sorry if this is a dumb question in any regard. But given what I used to do in a previous life on behalf of Uncle Sam and that I have been the victim several times in several ways as a result of the OPM hack several years ago (as well as from some follow-on hacks of our government's computer systems) I have tended toward being hyper(?) vigilant with things like this.
Thanks, in advance, for any input any of you might have.
* Here's the Amazon product page of the one I ran across on YouTube:
Amazon product
--- End of line (MCP)
I have always bought my computers (and other devices that can store/process my personal info) from reputable companies. I do this b/c I work from the assumption that the hardware/firmware is therefore "secure" (meaning, no backdoors in or baked-in routing instructions out that could compromise my PII). I hope that's a safe assumption....
But what if I wanted to toy around with any number of the mini PCs on offer these days at really reasonable prices from companies I've never heard of? (Take, for example, a Guzila mini PC I stumbled across on YouTube.*)
Is it safe to do so? Can I have the same assurances that what the hardware is advertised to be is? That it has not been modified? Are there off-the-shelf ways to check for misbehaving hardware instructions that are available to the non-specialist?
Or is all of this irrelevant b/c ports and instruction sets are ultimately OS driven? Or no, it's not irrelevant, so just stick to the known name brands...?
I ask not because I want to use one of these for my personal computing; rather, I was trying to figure out if it would be safe to add one to my local network for streaming/as a media server/etc. So the device would have some log-in info (let's say, to Netflix or CBS All-Access), as well as access to other devices on the local network that do have PII on them.
This is more a theoretical question than an actual one at this point because I can buy a known-brand mini PC for not too much more than one of these no name mini PCs is going for. But what if I came across a really good deal (like those that always seem on offer during the holiday season) allowing me to buy a "rig" to test out some stuff and wouldn't feel bad if I bricked it? Is there risk? Am I trading actual security for a pittance?
Sorry if this is a dumb question in any regard. But given what I used to do in a previous life on behalf of Uncle Sam and that I have been the victim several times in several ways as a result of the OPM hack several years ago (as well as from some follow-on hacks of our government's computer systems) I have tended toward being hyper(?) vigilant with things like this.
Thanks, in advance, for any input any of you might have.
* Here's the Amazon product page of the one I ran across on YouTube:
Amazon product
--- End of line (MCP)
Last edited: