> I disagree when you say nooone is going to backdoor your bios. I think its > very common nowadays. as far as i know there is computrace that is an anti theft system that gain persistence over the os by dropping an exe that windows will load at boot time but this works only over fat32 and ntfs (not encrypted). i heard also about lenovo doing the same thing for ads or whatever. and after people got angry they released a bios patch to opt-out. but i wouldn't say "very common".
I don't think Qubes actually shields you from a buggy bios... yes, Qubes "shield" you because bios is simply not visible from the vm so for example a bug in S3 resume script that does not restore proper spi flash write protection is not a problem (from what i have understood). also see rutkovska: https://twitter.com/rootkovska/status/934695078764974080 > But I guess you are right not to worry about it yes, and please anyone, focus your efforts on something more probable; attackers always chose the cheapest path. take a look at: https://www.securityplanner.org/ (require javascript) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/53f0da74-8526-c099-9a47-b1d3aac46442%40posteo.net. For more options, visit https://groups.google.com/d/optout.
