On Mon, 2007-06-18 at 20:14 +0200, Casper.Dik at sun.com wrote:
> And since the microcode is signed, the only risk is perhaps downgrading?
If the reason for the firmware upgrade is to fix a security hole,
preventing downgrades is important.
Though there's an additional risk -- that the undocumented signature
validation mechanism for the firmware upgrade blob is reverse engineered
and found to be weak. I find it worth noting that the structures
defined in this case include 32-bit checksums. I really hope that's not
the only "signature" involved...
- Bill
