Is it worth figuring out how to externally re-flash grey market "intel" nics - or is the onboard NVM flash unable to do anything too terrible? In the newer (the 3 digit i/x series like i350, x540 etc) nics intel has added a "security" flash write protect feature so I imagine their flash stuff isn't as potentially innocent as in the older chips. If so does anyone how to do this?
How is this dealt with from a coreboot onboard NIC perspective?
Obvious stuff applies, such as a general NIC exploit leading to a WAN>LAN pivot bypassing IOMMU if both WAN and LAN are processed on the same chip but that isn't what I am referring to.
You may find this interesting: https://www.servethehome.com/investigating-fake-intel-i350-network-adapters/
When this news first came out there was a conspiracy theory started on the pfsense forums and a lot of smart people bought in to the idea that they were some kind of foreign intelligence agency scheme to spy on american companies (I myself know a few important corps that use DIY routers, so it could be true)