:: Re: [DNG] Bad UEFI: was Systemd at …
Góra strony
Delete this message
Reply to this message
Autor: Clarke Sideroad
Data:  
Dla: dng
Temat: Re: [DNG] Bad UEFI: was Systemd at work: rm -rf EFI
On 02/05/2016 09:38 PM, fsmithred wrote:
> On 02/05/2016 08:48 PM, Joel Roth wrote:
>> Didier Kryn wrote:
>>>     The ability to brick the motherboard is brand new. Therefore admins
>>> should be seriously protected and warned against this eventuality, at least
>>> until it percolates into the general culture.
>> IIUC, this means malware will now be able to not only
>> erase, but to render its targets unbootable.
>> Also creating a new hardware recovery business. 
>> It seems somewhat bleak. Am I overreacting?

>>
>>
> Go with the flow, dude. It's worth the risk of malware for the benefit of
> having your vendor push firmware updates whenever they want. (Did I get
> that right?)
>
> Actually, I think you're underreacting. I would edit your statement to
> say, "...render its targets unbootable or worse." Malware authors and
> others who might have bad intentions for your hardware generally want it
> to keep working.
>
>

Yes I understand the EFI is a dandy place to conceal stuff if you want
it to survive to next boot and not be disadvantaged by _most_ hard drive
cleaning games.
Leaving it RW from the OS is just extra convenient for installation, how
nice.
Probably gets the NSA stamp of approval.

Clarke