On 02/01/2016 08:59 PM, Clarke Sideroad wrote: > On 02/01/2016 06:12 PM, Wim wrote: >> Hi all, >> >> It seems you can delete EFI vars if you're not careful. Someone found >> that executing "rm -rf --no-preserve-root /" also deleted EFI vars, >> turning his MSI Notebook into a brick. >> >> It also seems mounting these is hardcoded into systemd: >> >> https://bbs.archlinux.org/viewtopic.php?id=207549 >> >> efibootmgr needs to write to EFI vars, it seems. Here's Poettering's answer: >> >> https://github.com/systemd/systemd/issues/2402 >> >> Well, you've probably guessed the answer - Won't fix. >> > > The guy is unbelievable, but as you point out predictable. > There is a big difference between hosing a operating system install and > bricking a piece of hardware. > > Lots of hardware has bugs that need a work around and stuff like ROMs > that should only be RW if required. Ignoring it, not even stating a > logical position and closing the topic just shows the quality of the man > and his products. > > Looking around he seems to have a lot of apologist on his side that > really don't have a grasp of the situation. > > One wonders if it is confined only to the one piece of hardware or if > there are others that may share the code, looks like a potential exploit > to me. > > Some of you can just be glad that there is no room on most embedded > systems for the systemd shenanigans. (-; > >
I just received this link in an email: http://blog.virustotal.com/2016/01/putting-spotlight-on-firmware-malware_27.html As usual I may be over reacting, but it may add a bit of perspective to the problem of leaving the backdoor open with read write permissions. Clarke _______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
