On 05/08/2017 12:40 AM, ron minnich wrote:
> I thought the whole reflash path of AMT was to ask it to reflash itself. Is
> that incorrect? If correct, and the AMT has been exploited via this path,
> can we really trust any reflash operation? Any thoughts on this from anyone
> who knows?

Yeah, it's a request that can be denied or stealth-denied, so it can't be
trusted.

I had a BIOS update on an older Intel board go wrong, as I had set
"Firmware Update" to "Deny" in the ME OPROM. It would be very simple to mess
with the ME region re-writer programmer to re-add a backdoor to every
internally flashed image, and how many corps actually flash externally?
(None, I assume.)

> I was involved in some USG issues around the time of Y2K and at least one
> agency shredded every non-Y2K-compliant system they had. Would that make
> sense for systems with this AMT vulnerability? Just assume the worst and
> destroy them?

I guess you can always re-flash externally; I don't think even a nation
state has figured out the magic to get a regular flash EEPROM to
stealth-deny writes (have they? :0)

> I am long past believing one can build secure platforms on any x86 chipset.
> This mess only strengthens that conviction. But there are some great RISC-V
> announcements this week!

What about pre-PSP AMD as 95% of the way there, with POWER as 100% if
you get a fully open source, blob-free machine like the Palmetto or, with
a little work, the Firestone?

--
coreboot mailing list: [email protected]
https://mail.coreboot.org/mailman/listinfo/coreboot