Am Samstag, den 13.10.2018, 10:27 -0700 schrieb ron minnich:
good summary.
The most security critical code gets the least attention and no external security review.
If this sounds crazy, well ... it is.
I honestly don't think that matters at all. Worrying about crappy BIOS code while a real time surveilance tool like the IME is on the system is like complaining about missing sweets on a sinking ocean liner.
On 10/14/18 6:22 PM, Philipp Stanner wrote:
Am Samstag, den 13.10.2018, 10:27 -0700 schrieb ron minnich:
good summary.
The most security critical code gets the least attention and no external security review.
If this sounds crazy, well ... it is.
I honestly don't think that matters at all. Worrying about crappy BIOS code while a real time surveilance tool like the IME is on the system is like complaining about missing sweets on a sinking ocean liner.
Ahem, I dare to object. If you don't control the host processor, why care about other controllers in the system? That some people have seen the "crappy BIOS code" doesn't mean that anybody understood or even audited it. So in both cases you just have to trust Intel that they don't screw you.
IMHO, Intel currently has bigger firmware issues than the ME alone. But we shouldn't try to see that as separate problems, it's all entangled in their platforms anyway.
Nico
-
Nico Huber -
Philipp Stanner