[coreboot] Source code for "Intel Firmware"
Nico Huber
nico.h at gmx.de
Sun Oct 14 18:55:21 CEST 2018
On 10/14/18 6:22 PM, Philipp Stanner wrote:
> Am Samstag, den 13.10.2018, 10:27 -0700 schrieb ron minnich:
>> good summary.
>>
>> The most security critical code gets the least attention and no
>> external security review.
>>
>> If this sounds crazy, well ... it is.
>
> I honestly don't think that matters at all. Worrying about crappy BIOS
> code while a real time surveilance tool like the IME is on the system
> is like complaining about missing sweets on a sinking ocean liner.
Ahem, I dare to object. If you don't control the host processor, why
care about other controllers in the system? That some people have seen
the "crappy BIOS code" doesn't mean that anybody understood or even
audited it. So in both cases you just have to trust Intel that they
don't screw you.
IMHO, Intel currently has bigger firmware issues than the ME alone. But
we shouldn't try to see that as separate problems, it's all entangled
in their platforms anyway.
Nico
More information about the coreboot
mailing list