> You can get a motherboard that has a removable bios chip that you can just > snap in to replace, Then call the company and have them send you one or > two to hold onto for emergency lol. There is also mobos with dualbios, > most ly this is for bringing a bricked board back to life.
I actually have one of those motherboards here. It sounded like a very kick-ass feature, the double-bios to restore in case of problems. And the board has 8 SATA, a dozen USB, some serious video and audio capabilities, 32g memory capabilities, IOMMU, etc. But it was given to me out of the blue right after I retired a dodgy/compromised machine, so I'm a little wary. A shame, because it's one hell of a motherboard. I might fire it up with Qubes in a non-critical/non-trusted manner. (Or set it up in a Windows machine, sell it, and buy a known secure motherboard. :) ) > Also don't forget malware can reside in other firmware also. SO that > means all pci devices, like gpu, netcard. etc... most experts will > tell you just to replace everything to be sure if you think you are > compromised at that level and its important. Would you say a motherboard that integrates a lot of that (with the dual recovery BIOS) would be less prone to compromise (or at least easier to restore from compromise) than a machine that separate PCI cards providing that sound/video/net? Presumably, if you can trust the vendor and its BIOS, one flashing of the BIOS (or recovery from the backup) should restore you to a state that could be trusted. A lot easier than doing the same (if even possible) for the net/sound/video add-on cards, no? Or would it be easier for a threat actor to attack a specific motherboard and its integrated peripherals, rather than a random set of add-on cards? JJ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/54219c183f184f416f6dda20c57ec5ba.webmail%40localhost. For more options, visit https://groups.google.com/d/optout.