[Arm-netbook] EFI/UEFI bios question

Tue Oct 3 01:22:58 BST 2017

        Despite the negative press and the huge skepticism over their
posh brand and shell-shocking optimism in area people have been
cynical for a long while, they claim they've completely disabled Intel
ME as well as completed their coreboot port. Both of these have been
relatively recent developments, but I think it's not unreasonable to
say there is a correlation between these successes and the
endorsements they are getting from gnome and kde with their new phone
project. And, I'm sure these people would have <i>checked</i>.
        That in mind, EOMA is still designed around portability,
hardware openness, and reparability (with importance expressed in
reverse order). x86 got torn apart to shreds at the last Blackhat as
far as I can tell. Libre linux on RISC is definitely going to be the
first 100% safe harbor for secure computing. It would be very nice if
the folks at Purism added a EOMA card slot at some point in the coming
future to their computers.
        I doubt these Purism laptops would be any bit disappointing.

On 10/2/17, Joseph Lira <saitdude at hotmail.com> wrote:
> Hello
>
>
> I know this is an arm project, but honestly I didn't know where else to ask
> this question without getting lynch, well hopefully I wont get lynch here
> neither
>
>
> So I'm in the market for a new laptop and I recently rediscovered the
> finding for legbacore when if come to malware attacks
>
> on UEFI,
> http://www.legbacore.com/Research_files/HowManyMillionBIOSesWouldYouLikeToInfect_Whitepaper_v1.pdf
>
> <http://www.legbacore.com/Research_files/HowManyMillionBIOSesWouldYouLikeToInfect_Whitepaper_v1.pdf>http://www.legbacore.com/Research.html
>
> and how until today there seems to be no real solution to the problem as no
> manufacture continues to support hardware through bios/firmware updates
> after usually 1 year of purchasing a product, well Apple seems to be the
> only one. And no I don't consider as a solution running old x200 with
> coreboot or libreboot as this approach is not really practical for the
> day-day user. Let face is who doesn't know someone like this
>
> https://duckduckgo.com/?q=cloudy+with+a+chance+of+meatballs+dad+computer&t=ffsb&ia=videos&iax=1&iai=2bTBVdumayw
>
>
> Just one thing, please don't give me the libre speech about Intel ME, I get
> it, I just don't want the replies to become a holy fight as to why I'm evil
> or x person is evil, I want to understand better the situation and possibly
> get some suggestions
>
>
> So my questions are
>
>   1.  Is my pre 2014 non uefi hardware more susceptible to vulnerabilities
> than lets say a laptop that was bough last year that is no longer getting
> bios updates?
>   2.  Should I be concerned about running old hardware? If not is there
> anything I can do to better protect my hardware and for the wise guy
> unplugging the computer from the internet is not a solution LOL
>   3.  If I run uefi with secure boot enabled with my own keys em I more
> protected against having my system compromised?Remember this is not about
> Intel ME
>   4.  Em I better off buying a macbook vs pc? lets face it, both are
> companies that are for profit and both have there own evils
>   5.  Should I consider buying a librem laptop? Though I do think $1300 plus
> is to much. Seems to me that they are closer to have coreboot and disabling
> ME on there laptops than anyone else
>   6.  Is there hope for the new AMD ryzen cpu at delivering what is required
> to port it to coreboot? Should I wait for it?
>   7.  A little of topic but is PureOS from purism any good at doing what it
> promises? Or are there other distro better?
>
>
> thank you in advance to anyone who replies, links and articles are welcome
> _______________________________________________
> arm-netbook mailing list arm-netbook at lists.phcomp.co.uk
> http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
> Send large attachments to arm-netbook at files.phcomp.co.uk