| |||||||||||||
|
| |||||||||||||
Ronald Minnich of LinuxBIOS on EFIRonald Minnich of LinuxBIOS on EFIPosted Feb 7, 2007 5:15 UTC (Wed) by moxfyre (guest, #13847)In reply to: Ronald Minnich of LinuxBIOS on EFI by zlynx Parent article: Second batch of FOSDEM interviews
Everyone should be aware that this "problem", having the system BIOS/firmware/EFI executing unknown code, already exists. This is why the NSA has groups of people who disassemble and examine the firmware of every component of secure government PCs.Does the NSA publish their evaluations of such firmware? I know that they *sometimes* publish their evaluations of various cryptography systems (though sometimes keeping them secret, presumably to take advantage of weaknesses). That would be very valuable, I'd say. I know that hardware/firmware can already do such treacherous things... many high-end laser printers secretly reveal their serial numbers and timestamps on every printed page. However, I imagine that the cost pressure and generally chaotic short time scales on which most hardware is produced means that these kind of practices aren't widespread or effective. EFI worries me because it seems to explictly ENCOURAGE and standardize this kind of treachery...
(Log in to post comments)
Ronald Minnich of LinuxBIOS on EFI Posted Feb 7, 2007 9:32 UTC (Wed) by eklitzke (subscriber, #36426) [Link] Does the NSA publish their evaluations of such firmware? I don't actually know for sure, but my guess is that securities issues aside, publishing such a technical evaluation would be forbidden because it could reveal the manufacturer's trade secrets. Similarly, it could be construed as an endorsement (or lack thereof). These are all things that the NSA does not want to involve itself with.
|
|
||||||||||||