[coreboot] BadBIOS Thoughts
Denis 'GNUtoo' Carikli
GNUtoo at no-log.org
Sat Nov 9 00:19:33 CET 2013
On Sun, 03 Nov 2013 13:47:15 -0600
Alex <mr.nuke.me at gmail.com> wrote:
> I'm sorry Ron, but you're just asking me to take your word for it. I
> can't do that. There's more secret code running on a Chromebook's
> firmware than there is free code. In fact, I would argue, most code
> where attack vectors could hide is secret. It's a foul's paradise.
It seem way worse with newer "FSP" blobs...
On qemu, coreboot is not necessary: some coreboot payloads (like
seabios) are capable of beeing the full bootstrap firware(because
qemu is really simple: most of the complex hardware already works).
Then I really wonder what's left for coreboot in the systems that uses
the FSP blob.
If I understood correctly, coreboot would run as hooks, and do some
mostly standard stuff that a payload (or coreboot) can do.
Then at the end coreboot would run a payload.
Denis.
More information about the coreboot
mailing list