8 Dec
2017
8 Dec
'17
4:26 p.m.
On Fri, December 8, 2017 4:44 am, Zoran Stojsavljevic wrote:
Let me try again to state what I stated before, with some new insides, because Tim brought the new equation: HAP into this discussion.
In addition to all the issues with ME listed so far, systems from Dell etc. ship with UEFI BIOS. Due to its complexity and closed source approach, many different UEFI implementations have suffered many different vulnerabilities. Many (all?) include a full network stack. Coreboot is open source and simply a bootstrap, closing out large swaths of attack surfaces.