Intel ATR presented "Baring the system: New vulnerabilities in SMM of coreboot and UEFI based systems" at RECon Brussels last month:
https://recon.cx/2017/brussels/talks/baring_the_system.html The slides are online now: http://www.intelsecurity.com/advanced-threat-research/content/data/REConBrussels2017_BARing_the_system.pdf Their first conclusion is that "the root cause is that firmware assumes hardware is trusted". This seems to be less and less of a valid assumption. -- Trammell -- coreboot mailing list: [email protected] https://www.coreboot.org/mailman/listinfo/coreboot
