Joanna Rutkowska's blog points to recent paper on a survey of the various problems and attacks presented against the x86 platform over the last 10 years. The paper does not present new exploits but does cover: the BIOS (UEFI) and booting; peripherals; the Intel Management Engine; and several other aspects of x86 insecurity. Some of the problems appear insurmountable as described.
(Score: 4, Interesting) by novak on Friday October 30 2015, @08:43PM
The only mitigation to ARM's many woes is that at least we have multiple vendors producing them and the BIOS is sometimes open. x86 is rapidly becoming intel only, and nearly every x86 board ever made runs proprietary BIOS and firmware.
Going to another architecture- even one not much better- could still be a massive step in the right direction as the amount of devices running open firmware skyrockets. Allowing modification of firmware and BIOS at least helps clear up glaring backdoors like IPMI and badUSB which have been standing wide open for years.
novak
(Score: 2) by NCommander on Friday October 30 2015, @11:42PM
ARM mostly uses the same UEFI base (TianoCore) as x86 for anything that isn't embedded.
I'm not kidding when I can say with a straight face it was an improvement in increasing the "just works" factor over u-boot. Unfortunately, TianoCore isn't GPL, so its not required that vendors post their firmware source.
Still always moving