CPU as a service // MINIX in Intel ME

Jann KRUSE jannkruse at fsfe.org
Tue Nov 28 21:23:54 UTC 2017

On 24 November 2017 18:19:23 EET, Giovanni Biscuolo <g at xelera.eu> wrote:
>2. between the "user facing OS" and the hardware there are at least 2 ½
>OS kernels (MINIX and UEFI)
>3. these are proprietary and very likely exploit-friendly

Update: Have been exploited... 
(And you wouldn't even realize it!)

>4. the exploits can persist, i.e. be written to FLASH, and you can't
>fix that 
> [...]
In short:
We are essentially being forced, without even being told, to run buggy proprietary code in a very powerful and very capable hyper-hyper-visor of our OS, which can (benign or maliciously) control both the (free) software we run and the hardware we "own", without our knowledge.
(See also in-line comment below..)

PGP 0xE7A47A578A30148A
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fsfe.org/pipermail/discussion/attachments/20171128/ad5aaf02/attachment.html>

More information about the Discussion mailing list