-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/01/2017 07:13 PM, Denis 'GNUtoo' Carikli wrote: > On Tue, 25 Apr 2017 22:38:15 +0800 > Shawn <cit...@gmail.com> wrote: > >> slide: >> https://www.troopers.de/downloads/troopers17/TR17_ME11_Static.pdf >> >> video: >> https://www.youtube.com/watch?v=2_aokrfcoUk >> > > Thanks a lot! This is very interesting. > > I probably missed something about the ROM bypass: Since you have flash > images with ROM Bypass in use, what would prevent someone from: > - Finding and buying hardware with ROM bypass enabled. Are there any > business or consumers laptops/desktops/workstation with such feature? > - Writing your own code in the ROM ME partition and executing it. > > Denis. >
I would expect the signature checks by the hardware would stop execution of unsigned ROM ME code. - -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJZC5cRAAoJEK+E3vEXDOFb51QH/1OpPkzVUr6UuGXvOBpL2N0m jn/7J+m2xzLyKG0/L21GpuoGoxpBq8tfx1Wg2nF9teGnan4jR7DVgD7XnHbJx3yc /Ovdhhy6iR/BtF02xkAF8DhniNZGdNYEsNEKJ1Cag/hVfAeznuhL+UzKB/mOb9aj VYZEZ5BVhCJFEl5p38Po9gnY8FOwqkuJuK/4FR2JgHTTke64ABGS29/jAnRuhGfn BrgSURRFq/ndZrQUNhRdXNRJr8KJAJzR9FAZenyfDTkjAFvZeew/qi3qmHtM1d0x oitp2+WCbJF0OkNcdc/5GjIJSqgR08aZlderlqhA0cTLK0XWYiwMrfUadNZSfWY= =JDix -----END PGP SIGNATURE----- -- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot