[Secure-testing-team] how to handle SMM attacks?

Florian Weimer fw at deneb.enyo.de
Mon Aug 10 19:13:53 UTC 2009


* Michael S. Gilbert:

> right, but debian now has almost all free software firmwares for those
> devices, and hence those threats are mostly nullified, right?

Only for firmware which is not that firm and lost if the power is
gone.  If the manufacturer hasn't got rid of flash to store the
firmware, it's not particularly likely that Debian ships it.

> i think one of the key problems is that SMM updates can be initiated
> by the remote attacker without authentication; in fact this is
> intentional to be able to track stolen laptops.

Aren't you confusing two separate attacks?  It's also quite unlikely
that those devices phone home by default.  Why should you provision
resources to non-customers?


