Originally posted by tuubi
View Post
Announcement
Collapse
No announcement yet.
Mark Shuttleworth Calls For An End To ACPI
Collapse
X
-
-
Originally posted by tuubi View PostUEFI is quite complex, that's a given, but amount of documentation is hardly the best measure for software complexity in the general case. [...] Not that all the functionality UEFI provides is necessary or even desirable from a user's standpoint.
That this is a security problem was demonstrated by the Linux kernel in the past, where obscure network protocols have given rise to vulnerabilities several times.Last edited by chithanh; 18 March 2014, 10:11 AM.
Comment
-
Originally posted by chithanh View PostThe problem is that if you try to make a UEFI implementation that you want to sell, you want to tick as many checkboxes with potential buyers as possible. So you try to make your implementation as complete as you can. With your QA resources spread thinly over the resulting huge codebase, less used parts will see not as much testing. Then you end up with a UEFI implementation where many functions are called not very often or at all.
That this is a security problem was demonstrated by the Linux kernel in the past, where obscure network protocols have given rise to vulnerabilities several times.
Even the term "security" has been hijacked to be all about securing the rights of the corporations against the pesky users installing all kinds of crazy stuff on their new Macs or Windows laptops. You know, weird and highly suspicious things like Linux or other such WMD. We obviously don't know what we're doing (or maybe we do but that doesn't make them any money) so they'd better make sure we can't even try.
Comment
Comment