[coreboot] Remote security exploit in all 2008+ Intel platforms
Trammell Hudson
hudson at trmm.net
Tue May 2 00:55:32 CEST 2017
On Mon, May 01, 2017 at 10:44:45PM +0000, ron minnich wrote:
> On Mon, May 1, 2017 at 1:17 PM Rene Shuster <rene.shuster at bcsemail.org>
> > Yes Puri.sm has been debunked.
>
> I disagree. I've seen the systems. From what I can see, Puri.sm has made a
> good faith effort to go as far possible *with modern x86 chipsets* toward
> getting rid of the blobs. They can't get to 100%, but they're trying to get
> as close as possible.
I've spoken with the puri.sm team about their coreboot plans and, beyond
just my delight that they are working on using the Heads bootloader, I'm
really pleased that they've committed to adding hardware features like a
discrete TPM, supporting coreboot, testing with the ME cleaner scripts,
and really significantly, ensuring that Bootguard can be implemented in
a way that preserves user freedom while also protecting against many
classes of physical attacks on the system.
--
Trammell
More information about the coreboot
mailing list