On Mon, Jun 18, 2007 at 02:38:55PM -0400, Bill Sommerfeld wrote: > Though there's an additional risk -- that the undocumented signature > validation mechanism for the firmware upgrade blob is reverse engineered > and found to be weak. I find it worth noting that the structures > defined in this case include 32-bit checksums. I really hope that's not > the only "signature" involved...
Are the algorithms used by Intel public? If not then that's an additional reason to do our own signing.
