
Who else is sick of these proprietary, unremovable, unreplaceable, often hostile black boxes in their machines? Where this gets really scary is that even the firewall systems probably have a BMC of some sort, so even blocking the BMC at the edge isn't always feasible. Plus, these kinds of hacks can be utilized from a single intrusion on the host machine itself, to install an APT no one is looking for, one that will survive the normal cleanup process after the intrusion is detected.
Something that can survive an OS reinstall / hypervisor reload is not to be taken lightly unless your org has the tools, datasheets, binary files, schematics, etc. to reload the mainboard ROMs externally before reloading the OS / hypervisor. Very few do.
I'm personally excited about OpenBMC; as a Linux shop we've used it with OpenPOWER machines and it's a big step up from AMI etc. A little rough around the edges, but it sure beats this kind of mess, especially with the peer review model already having caught fun security holes that the proprietary vendors just ignored and hid for years (CVE-2019-6260 and mates).