Originally posted by Adarion
View Post
Because even a Linux kernel inside there... it would need upgrading after time.
Complexity brings new attack vectors / surface.
How often do you see firmware updates?
This is supposed to be a Coreboot 2.0, so you can update it if the board is supported.
They don't remove 100% ME nor 100% UEFI as they are still required for board initialization, and getting information to support a board without UEFI is not easy, so they just nuke and replace anything that is talking with the outside world with u-root embedded Linux firmware thing that acts as a bootloader-shield that can be updated regardless of the lower level blobs.
Comment