1 |
Quoting Rich Freeman (2020-03-06 23:13:55) |
2 |
> On Fri, Mar 6, 2020 at 3:55 PM Wols Lists <antlists@××××××××××××.uk> wrote: |
3 |
> > |
4 |
> > On 06/03/20 19:39, Rich Freeman wrote: |
5 |
> > > |
6 |
> > > They don't detail the effort required. If the firmware is patched it |
7 |
> > > sounds like it still requires tinkering with hardware. |
8 |
> > |
9 |
> > By then it's TOO LATE. The firmware is signed for security, AND LOADED |
10 |
> > AT BOOT. But if the boot process is compromised, the attacker simply |
11 |
> > doesn't load the patched firmware. |
12 |
> |
13 |
> The patched firmware executes before any software you boot, assuming |
14 |
> your device was patched before the hacker got his hands on it. |
15 |
> |
16 |
|
17 |
Well, they say that vulnerability is inside ROM code [1], which |
18 |
is executed before any firmware. And because this is ROM it could |
19 |
not be patched. |
20 |
|
21 |
Ivan |
22 |
|
23 |
[1] https://blog.ptsecurity.com/2020/03/intelx86-root-of-trust-loss-of-trust.html |