I suspect people are learning how to exploit EFI's immense attack surface. Unless it's a successful exploit of the ME, known to be achieved more than once already.

The entire PC ecosystem is a giant accident waiting to happen. I'm always surprised to find that people install Linux so they can "have control" of the system. Changing the kernel no longer gets you the amount of control it once did. If they knew how little control they have they'd really be upset. It's not 1999 any more. It's 2013 and the kernel is walled in by constantly running code on the same or other processors (there are at least 4 other OSes running on the average PC nowadays, all capable of doing bad things) that provide it an illusion of control but not complete control. If you really want a system you can trust a bit more, get a Chromebook. The amount of work done in Chromebooks to protect it is extensive and extends beyond the 386 firmware to the ME and the EC and even aspects of the IO devices.

ron