Dan Goodin, Ars Technica:

Attacks against EFI are considered especially potent because they give attackers control that starts with the very first instruction a Mac receives. What’s more, the level of control attackers get far exceeds what they gain by exploiting vulnerabilities in the OS or the apps that run on it. That means an attacker who compromises a computer’s EFI can bypass higher-level security controls, such as those built into the OS or, assuming one is running for extra protection, a virtual machine hypervisor. An EFI infection is also extremely hard to detect and even harder to remedy, as it can survive even after a hard drive is wiped or replaced and a clean version of the OS is installed.

Whereas Apple is solely responsible for supplying the motherboards that go into Macs, there are a wide number of manufacturers supplying motherboards for Windows and Linux machines, with each manufacturer providing vastly different families of firmware.

This is why projects like fwupd and coreboot are so important.

Paul Ciano
