> Due to its complexity and closed source approach, many different UEFI
> implementations have suffered many different vulnerabilities. Many (all?)
> include a full network stack.

I have closed UEFI shell UEFI. As you all, probably, if you use UEFI as BSP. You could NOT enter UEFI shell, since every vendor disables this. I can break into the UEFI shell in no time. Then, you can imagine what I can do? As an example, write .efi rootkit file, to exploit UEFI. Etc...

NOT to mention that UEFI on my notebook is protected with the admin password, but this does NOT prevent me from breaking into the UEFI shell (I do NOT care about password protection, as it does NOT exist at all).

Zoran

On Fri, Dec 8, 2017 at 4:26 PM, awokd <aw...@elude.in> wrote:
> On Fri, December 8, 2017 4:44 am, Zoran Stojsavljevic wrote:
> > Let me try again to state what I stated before, with some new insights,
> > because Tim brought the new equation: HAP into this discussion.
>
> In addition to all the issues with ME listed so far, systems from Dell
> etc. ship with UEFI BIOS. Due to its complexity and closed source
> approach, many different UEFI implementations have suffered many different
> vulnerabilities. Many (all?) include a full network stack. Coreboot is
> open source and simply a bootstrap, closing out large swaths of attack
> surfaces.

--
coreboot mailing list: coreboot@coreboot.org
https://mail.coreboot.org/mailman/listinfo/coreboot