On Sat, 22 Feb 2014 12:13:47 -0800 Blibbet <blib...@gmail.com> wrote:
> > This is kinda hard to say. I've heard that on x86, it is possible > > that the BIOS keeps executing code even after it started the > > system, so perhaps something like that can happen too. > > UEFI remains running while the loaded OS runs. The OS (and apps) can > communicate with EFI. > > EFI is a complex standalone realtime embedded event-driven OS, not > just a simplistic firmware/loader. > > EFI has "Runtime Services" which can communicate with the OS (Linux, > Windows, etc.). The main one is for accessing variables (like > environment variables). Others OS vendors or OEMs or firmware vendors > can add other runtime services. For example, I believe (unconfirmed) > that Apple moved some of their OSX DRM code into an EFI runtime > service. Malware authors can write EFI runtime service drivers and -- > if they can install them on your system -- you'll have a hard time > determining it is there. flashrom -p <some_external_programmer> -r efi.bin Then analyse that, but I don't think it's worth the time. flashrom -w build/coreboot.rom is way more usefull. > The firmware software is one threat. The other threats are > out-of-bounds processors, > like IPMI, That "IMC" doesn't seem very dangerous[1] on AMD devices. > AMT, etc. There're more of these Yes, that's the most concerning thing. References: ----------- [1]http://www.coreboot.org/Binary_situation#recent_AMD Denis.
signature.asc
Description: PGP signature
_______________________________________________ Replicant mailing list Replicant@lists.osuosl.org http://lists.osuosl.org/mailman/listinfo/replicant
