On Fri, Jan 15, 2016 at 12:38:12PM -0800, Blibbet wrote:
> On 01/12/2016 11:36 AM, Kevin O'Connor wrote: [...]
>> As far as a roadmap goes, I understand there is a plan to add TPM 2.0 support to SeaBIOS.
>> I'm not aware of any new consumer devices shipping with the support, and I understand that KVM/QEMU have had TPM support for some time already.
>> Cheers, -Kevin
> Thanks for the info; I mentioned the results here, including today's TPMv2 checking news:
> http://firmwaresecurity.com/2016/01/15/seabios-gets-tpm2-security/
> It sounds like some Chromebooks have SeaBIOS with TPMv1, but it is unclear which OEM devices/models. I'm still interested in a list of other consumer devices with SeaBIOS and additional security, to point to in the blog.
> Google has been big on the TPM devices, so I thought all the Chromebooks had them, but I don't know for sure.
> I wish SeaBIOS documentation included a table comparing the BIOS security features of all modern implementations, bare-metal and virtualized, to compare SeaBIOS's features with other BIOS implementations.

There is a Wikipedia article that compares SeaBIOS to other proprietary BIOS implementations. I don't have direct knowledge of the features of proprietary BIOSes, so I can't help with a direct comparison.
https://en.wikipedia.org/wiki/BIOS_features_comparison
-Kevin