Announcement

Collapse
No announcement yet.

Intel MKTME Support Being Prepped For The Linux Kernel: Total Memory Encryption

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #11
    Originally posted by starshipeleven View Post
    Are you assuming Boot Guard is actually set up properly by the OEMs? Because it's not, and this allows to bypass it.
    https://www.uhwo.hawaii.edu/cyber/in...-guard-bypass/

    Really, all it takes to make the goddamn system safe from digital attack without having to rely on OEMs doing a good job on software is a hardware switch that forces the SPI flash chip into read/only mode, easy, simple and freedom-respecting.

    According to the latest research, you can pwn the ME regardless of boot process. https://www.theregister.co.uk/2017/1...ffer_overflow/
    *sigh* There's me giving OEMs too much credit again.

    Damn shame SPI doesn't specify some kind of Write Enable line that an aftermarket switch could be patched into like with the battery-backed RAM in various video game cartridges.

    Comment

    Working...
    X