SoylentNews is people
SoylentNews
Joanna Rutkowska's blog points to recent paper on a survey of the various problems and attacks presented against the x86 platform over the last 10 years. The paper does not present new exploits but does cover: the BIOS (UEFI) and booting; peripherals; the Intel Management Engine; and several other aspects of x86 insecurity. Some of the problems appear insurmountable as described.
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Nothing so needs reforming as other people's habits.
-- Mark Twain, "Pudd'nhead Wilson's Calendar"
(Score: 0) by Anonymous Coward on Friday October 30 2015, @07:32PM
I'm not an electrical engineer but AFIK, it's possible to create a set-only volatile flags which once set can prevent the overwriting of the chip in the physical circuitry even by the BIOS itself. This would allow to ensure that only uncompromised firmware code can update itself as long as the flag is always set before executing the boot loader, for example, by ensuring that the user must always actively confirm the update when flashing through software.