On 3/9/20 1:22 PM, Punk-Stasi 2.0 wrote:
I'm sending this again because it seems kinda on-topic (as opposed to say, the flu hysteria, 'womens day' and similar garbage)
http://blog.ptsecurity.com/2020/03/intelx86-root-of-trust-loss-of-trust.html
It's not clear to me how the exploit is supposed to work, and I haven't researched it further, but as far as I can tell it seems as if all chips have one single, master private key in them...or something like that.
My naive assumption is that all locked-down hardware-malware has a public key in ROM, and that the chip will only accept signed firmware. So there shouldn't be any private key. But the Intel system looks a lot more complex.
So, what's going on?
The one malicious use I've seen mentioned is the possibility of a virtually undetectable keylogger running at BIOS level during the machine's operation.
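The "public key in ROM, chip only accepts signed firmware" model described in the message above, written out as an added example that is not part of the original post or of the linked PT Security article. It uses textbook RSA with constructed toy primes and hypothetical function names (`vendor_sign`, `rom_verify`, `boot`) purely to show where the private key lives (with the vendor) and what the chip actually needs (only the public key); it says nothing about how Intel's CSME is built and is not cryptographically secure.

```python
"""Miniature model of ROM-anchored firmware verification (added example).

Shows the chain-of-trust model from the message: the chip carries only a
PUBLIC key in ROM, the vendor keeps the PRIVATE key off the chip, and the
boot ROM refuses any firmware image whose signature does not verify.
Textbook RSA with tiny constructed primes is used so this runs offline with
the standard library only; it is NOT secure and NOT any real product's design.
"""
import hashlib

# --- vendor side: key material that never leaves the vendor -------------------
_P, _Q = 1000003, 1000033            # constructed toy primes (illustration only)
N = _P * _Q                          # public modulus
E = 65537                            # public exponent
_PHI = (_P - 1) * (_Q - 1)
_D = pow(E, -1, _PHI)                # private exponent (Python >= 3.8 modular inverse)


def _digest_mod(image: bytes, n: int) -> int:
    """Hash the firmware image and reduce it into the RSA group (toy padding)."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % n


def vendor_sign(image: bytes) -> int:
    """Sign a firmware image with the vendor's private key (done off-chip)."""
    return pow(_digest_mod(image, N), _D, N)


# --- chip side: everything the boot ROM holds ---------------------------------
ROM_PUBLIC_KEY = (N, E)              # burned at manufacture; no private material


def rom_verify(image: bytes, signature: int) -> bool:
    """Boot ROM check: recover the hash from the signature and compare."""
    n, e = ROM_PUBLIC_KEY
    return pow(signature, e, n) == _digest_mod(image, n)


def boot(image: bytes, signature: int) -> str:
    """Gate firmware execution on the signature check."""
    if not rom_verify(image, signature):
        return "REFUSED: bad signature"
    return "RUNNING"


def attacker_sign(image: bytes) -> int:
    """An attacker who lacks the vendor's private key signs with their own
    constructed key pair; the ROM's pinned public key will not accept it."""
    p, q = 1000037, 1000039          # constructed toy primes (illustration only)
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return pow(_digest_mod(image, n), d, n)


if __name__ == "__main__":
    firmware = b"constructed firmware image v1"
    good_sig = vendor_sign(firmware)
    print(boot(firmware, good_sig))                    # RUNNING
    print(boot(firmware + b"\x90", good_sig))          # REFUSED: tampered image
    print(boot(firmware, attacker_sign(firmware)))     # REFUSED: wrong signer
```

The point the example makes is the one the message raises: in this model the chip needs no private key at all, only a pinned public key, and an attacker who can flip bits in the image or sign with their own key still gets refused. Whatever the linked article describes is a different and more complex arrangement than this sketch.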