Intel ME (2006+ systems)/AMD PSP (for FM2/AM4), malicious firmware,
exploits for the various devices on your system (the IOMMU is
initialized too late on x86 to protect the host from DMA exploits in the
pre-OS boot window)
The sky truly is the limit.
If you want *reasonably* secure computing you have to either buy a blob-free
coreboot board or spend 4K+ on an OpenPOWER8 system that has open-source,
field-reprogrammable firmware.
Still, currently even on coreboot you have the DMA window problem,
although theoretically it can be fixed.
https://blogs.coreboot.org/blog/2015/02/23/the-truth-about-purism-why-librem-is-not-the-same-as-libre/
https://hackaday.com/2016/01/22/the-trouble-with-intels-management-engine/

Joanna's papers are a great read - she is one of the few elite security
researchers that actually understand the problem posed by unaccountable
supervisor processors.
On 11/16/2016 03:03 AM, [email protected] wrote:
If I have an Intel processor with the vPro technology, should I be afraid of some "factory
vulnerabilities" of that technology and some manipulation of my BIOS? Or is the security
of Qubes higher than that level?
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/fe7a6040-7c4b-f16b-44ff-45e2eb948abc%40gmx.com.
For more options, visit https://groups.google.com/d/optout.