On Sat, Jan 07, 2017 at 10:16:39AM -0500, Kenneth Gober wrote:
> The difference is, closed source firmware runs on the device itself
> and if it's buggy, generally the most it will do is make the device
> appear to be non-functional or unreliable.

If a PCI device has unrestricted DMA access, as is the case in most laptops
and PCs today as far as I know (no IOMMU), it can do a lot of damage.
In this case firmware running on devices essentially has root privileges
on the OS since the firmware could modify arbitrary memory.

It all boils down to whether you trust hardware vendors to not use their
powers against you. There is nothing an OS kernel could do to prevent
attacks at this level.

This topic is regularly covered at hacker conferences, e.g. here:
https://media.ccc.de/v/33c3-8314-bootstraping_a_slightly_more_secure_laptop
(This mostly talks about BIOS code which actually runs on the main CPU
but also mentions device firmware as a potential threat).

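The DMA/IOMMU point above can be checked on a running Linux box. The following script is an added example, not part of the original thread: it reports whether an IOMMU is actually mediating device DMA by looking at /sys/kernel/iommu_groups and the kernel command line (both Linux-specific assumptions; other OSes need different probes).

```shell
#!/bin/sh
# Added example: quick Linux check of whether an IOMMU is mediating PCI DMA.
# Not from the original thread. Linux-specific paths (/proc/cmdline,
# /sys/kernel/iommu_groups) are assumed; other OSes need different probes.

# Return 0 when the kernel command line ($1) explicitly turns the IOMMU on.
# Newer kernels may enable it by default, so a miss here is not conclusive;
# the group count below is the authoritative signal.
cmdline_requests_iommu() {
    case " $1 " in
        *" intel_iommu=on "*|*" amd_iommu=on "*|*" amd_iommu=force_isolation "*)
            return 0 ;;
        *)  return 1 ;;
    esac
}

# Print the number of IOMMU groups below the sysfs root given in $1.
# Zero means no IOMMU is active: any PCI device can then DMA into all of RAM.
iommu_group_count() {
    dir="$1/kernel/iommu_groups"
    n=0
    if [ -d "$dir" ]; then
        for g in "$dir"/*; do
            [ -d "$g" ] && n=$((n + 1))
        done
    fi
    echo "$n"
}

# Print a one-word verdict for sysfs root $1 and command line $2:
#   protected   - IOMMU groups exist, so device DMA is translated/restricted
#   requested   - asked for on the command line but no groups (check BIOS/VT-d)
#   unprotected - neither, i.e. the situation described in the mail
dma_protection_status() {
    if [ "$(iommu_group_count "$1")" -gt 0 ]; then
        echo protected
    elif cmdline_requests_iommu "$2"; then
        echo requested
    else
        echo unprotected
    fi
}

# Stand-alone use on the running machine (harmless if the paths are missing).
cmdline=$(cat /proc/cmdline 2>/dev/null || true)
echo "DMA protection: $(dma_protection_status /sys "$cmdline")"
```

"protected" only says the kernel has an IOMMU domain per device; it says nothing about what firmware on the main CPU did before the kernel took over, which is the part of the talk linked above.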