• 0 Posts
  • 4 Comments
Joined 1 year ago
cake
Cake day: June 15th, 2023

help-circle
  • Attacks only machines running specific Ubuntu kernels and using specific boot methods. Plus no actual payload. This doesn’t yet represent a real risk.

    Where we’ll be in ten years’ time is unknowable, however. I think the Ars commentors who suggested going back to forcing jumper cap swaps or other hardware-mediated access requirements before overwriting the mobo’s boot firmware might be on the right track, even if it’s inconvenient for large corporate deployments. It’s normal for security and convenience to pull in opposite directions, and sometimes you just have to grin and bear it.