[coreboot] SPI controller and Lock bits
peter at stuge.se
Sat Sep 29 09:37:33 CEST 2018
Youness Alaoui wrote:
> We don't have/use ChromeEC and I think that telling every user that
> they'd need dedicated hardware to update their BIOS makes no sense.
I think you can decide what hardware your products include, right? I
meant dedicated hardware on the mainboard.
> > > Looking for a software solution is IMO like Intel trying to secure SMM.
> I don't see why that would be true, the software solution is pretty
> simple. You boot, you can write to the flash in a secure environment,
Intel also considered SMM a secure environment, until they realised
that it isn't. These days I think they consider ME a secure environment.
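The software-side locking the thread argues about can be checked from a register dump. The block below is an added example, not code from the thread or from coreboot: it decodes the Intel PCH BIOS_CNTL write-protect bits (BIOSWE, BLE, SMM_BWP) and the SPI Protected Range (PRx) registers as documented in Intel PCH datasheets, and reports whether a flash range is still writable from the OS. The register values it feeds in are constructed for illustration, and the register offsets vary between PCH generations, so treat the locations in the comments as assumptions to verify against the datasheet for your chipset.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* BIOS_CNTL, found at PCI config offset 0xDC of the LPC bridge on Intel
 * Series 6/7 PCH (later generations move it to the SPI controller device;
 * check your datasheet):
 *   bit 0 BIOSWE  BIOS Write Enable: host writes to the BIOS region allowed
 *   bit 1 BLE     BIOS Lock Enable: setting BIOSWE raises an SMI so that the
 *                 SMI handler can clear it again (protection depends on SMM)
 *   bit 5 SMM_BWP SMM BIOS Write Protect: writes only accepted while all
 *                 cores are in SMM, regardless of what the SMI handler does
 */
#define BIOSWE  (1u << 0)
#define BLE     (1u << 1)
#define SMM_BWP (1u << 5)

/* SPIBAR Protected Range register PRx (PR0..PR4 on these PCHs):
 *   bit 31     WPE   write protection enable
 *   bits 28:16 protected range limit, in 4 KiB units (low 12 bits are 0xfff)
 *   bit 15     RPE   read protection enable
 *   bits 12:0  protected range base,  in 4 KiB units (low 12 bits are 0)
 */
#define PR_WPE      (1u << 31)
#define PR_RPE      (1u << 15)
#define PR_LIMIT(v) (((((v) >> 16) & 0x1fffu) << 12) | 0xfffu)
#define PR_BASE(v)  (((v) & 0x1fffu) << 12)

enum wp_state {
    WP_OPEN,      /* host can write the BIOS region right now, or enable writes */
    WP_BLE_ONLY,  /* writes blocked only as long as the SMI handler re-clears BIOSWE */
    WP_LOCKED     /* BLE and SMM_BWP both set: hardware refuses writes outside SMM */
};

/* Classify what BIOS_CNTL alone guarantees about BIOS region writes. */
enum wp_state classify_bios_cntl(uint8_t bios_cntl)
{
    if (bios_cntl & BIOSWE)
        return WP_OPEN;          /* writes are enabled at this moment */
    if (!(bios_cntl & BLE))
        return WP_OPEN;          /* nothing stops the OS from setting BIOSWE */
    if (!(bios_cntl & SMM_BWP))
        return WP_BLE_ONLY;      /* protection rests on SMM code behaving */
    return WP_LOCKED;
}

/* True if every 4 KiB page of [addr, addr+len) is inside some PRx with WPE set.
 * Checking page by page handles ranges split across several PR registers. */
bool range_write_protected(const uint32_t *pr, size_t n, uint32_t addr, uint32_t len)
{
    for (uint32_t page = addr & ~0xfffu; page < addr + len; page += 0x1000u) {
        bool covered = false;
        for (size_t i = 0; i < n && !covered; i++) {
            if (!(pr[i] & PR_WPE))
                continue;
            if (page >= PR_BASE(pr[i]) && page <= PR_LIMIT(pr[i]))
                covered = true;
        }
        if (!covered)
            return false;
    }
    return true;
}

int main(void)
{
    /* Constructed register values, not read from real hardware:
     * BLE set but SMM_BWP clear, and one PR covering 0x600000..0x7fffff. */
    uint8_t bios_cntl = BLE;
    uint32_t pr[5] = { PR_WPE | (0x7ffu << 16) | 0x600u, 0, 0, 0, 0 };

    static const char *names[] = { "OPEN", "BLE_ONLY", "LOCKED" };
    printf("BIOS_CNTL=0x%02x -> %s\n", bios_cntl, names[classify_bios_cntl(bios_cntl)]);
    printf("0x700000+4K write protected: %s\n",
           range_write_protected(pr, 5, 0x700000u, 0x1000u) ? "yes" : "no");
    printf("0x500000+4K write protected: %s\n",
           range_write_protected(pr, 5, 0x500000u, 0x1000u) ? "yes" : "no");
    return 0;
}
```

The WP_BLE_ONLY state is the one the "software solution" argument turns on: with BLE but no SMM_BWP, the lock is only as strong as the SMI handler, which is exactly the trust in SMM that the reply above questions. A practitioner auditing a board would want BIOS_CNTL to classify as WP_LOCKED and the whole BIOS region, descriptor included, to be covered by PR registers whose own lock (FLOCKDN) is set.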