On 02/05/2016 09:38 PM, fsmithred wrote:
> On 02/05/2016 08:48 PM, Joel Roth wrote:
>> Didier Kryn wrote:
>>> The ability to brick the motherboard is brand new. Therefore admins
>>> should be seriously protected and warned against this eventuality, at least
>>> until it percolates into the general culture.
>> IIUC, this means malware will now be able to not only
>> erase, but to render its targets unbootable.
>> Also creating a new hardware recovery business.
>> It seems somewhat bleak. Am I overreacting?
>>
>>
> Go with the flow, dude. It's worth the risk of malware for the benefit of
> having your vendor push firmware updates whenever they want. (Did I get
> that right?)
>
> Actually, I think you're underreacting. I would edit your statement to
> say, "...render its targets unbootable or worse." Malware authors and
> others who might have bad intentions for your hardware generally want it
> to keep working.
>
>
Yes I understand the EFI is a dandy place to conceal stuff if you want
it to survive to next boot and not be disadvantaged by _most_ hard drive
cleaning games.
Leaving it RW from the OS is just extra convenient for installation, how
nice.
Probably gets the NSA stamp of approval.
Clarke