[coreboot] Remote security exploit in all 2008+ Intel platforms

Zoran Stojsavljevic zoran.stojsavljevic at gmail.com
Tue May 2 14:36:03 CEST 2017 

I would not be so critique oriented to Youness Alaoui, but much more
appreciative. Do not know too much about Purism as company, but if Purism
made some fraud/false promises to its customers, it is another story, which
does NOT have anything to do with Youness and his published work here.

Every Open Source effort to debug/explain INTEL ME and its modules, even in
"C" pseudo code which does NOT compile makes VERY great/positive effort
toward mysteries resolved. At least to me. It reveals more missing puzzles
to the PCH/ME architectural picture, at least.

To me, it means a lot. I do need to know as much of the picture as
possible. You all guess why?! ;-)

I will certainly encourage Youness to continue with his work. Great work
(explaining additional black holes in ME) done!

Please, keep up the good work! :-)

Zoran Stojsavljevic

On Tue, May 2, 2017 at 1:02 PM, Nico Huber <nico.huber at secunet.com> wrote:

> On 02.05.2017 04:52, Youness Alaoui wrote:
> > Ron couldn't be more right when he says that you can't appreciate how
> much
> > work it is to go from a "it works" to a "it's tested/verified and made
> into
> > a *product* for actual users". It took me 6 months of work to finish the
> 4
> > days of work that Duncan Laurie did (I believe it took him 4 days to do
> the
> > initial port, feel free to correct me if I'm mistaken, and yes of
> course, I
> > am totally new to the coreboot world, so a lot/most of that time was
> spent
> > on the learning curve).
>
> Well, I interpret Ron very differently... I think you are at the "it
> works" state. 6 months of coding are the easy part where you don't have
> to convince other entities to use your code. Let's wait until you have
> made it into a shipping product and reflect then. I guess the really
> tricky part comes when you ask your contractor not to license the UEFI
> they usually ship (i.e. don't let your coreboot customers pay for the
> other side).
>
> Nico
>
> --
> coreboot mailing list: coreboot at coreboot.org
> https://mail.coreboot.org/mailman/listinfo/coreboot
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.coreboot.org/pipermail/coreboot/attachments/20170502/49a72eb9/attachment.html>

More information about the coreboot mailing list