|
|
|
|
|
|
by usr1106
2472 days ago
|
|
|
>install vulnerable SMM handlers How can an SMM handler be vulnerable? The biggest problem with SMM is that they run in ring -2. Nothing on the machine can see what they are doing. Well, they are using memory, if you can manipulate the memory they are using you can manipulate what the handler does, even if you cannot see it executing. But wasn't that the hole closed in 2011? https://www.theregister.co.uk/2015/08/11/memory_hole_roots_i... This is fascinating to discuss or very worrying to use. That's why I wrote I'd prefer ARM over Intel any time. It just does not have such a horrible mess of BIOS, SMM, ME and whatnot taking control away from the programmer/machine owner. But setting a simple Windows API like WPBT described in the article in relation to SMM is comparing apples and oranges. Linux has nothing comparable to WPBT, but of course it cannot be more trustworthy than the Intel/PC platform to begin with. For a dedicated 3 letter agency that's probably equivalent to not at all, but for the average PC vendor trying to force their idea of "user support" on you it's a sufficient hurdle, I'd hope. |
|
|