Reply to post: Re: Open BIOS now needed

Hacking Team spyware rootkit: Even a new HARD DRIVE wouldn't get rid of it

Paul Crawford Silver badge

Re: Open BIOS now needed

You seem to mistake gov & TLAs for simple monolithic organisations with a singular goal. In reality they are complex, contradictory and often plain incompetent.

Some of the gov want back-doors and weaknesses in other people's systems, but most certainly do not want it in their own systems. But outside of the likes of NSA/GCHQ for secret-and-above projects, they all buy off the shelf computers and such p0wnage leaves them as vulnerable to other nations (and criminals) as we are.

Sadly most consumers don't understand and don't care, so they will apply no pressure on Dell, HP, Asus, Gigabit, etc, to offer us coreboot-compatible hardware (or the necessary documentation). My budget is for a couple of machines a year - will they listen?

So maybe having such UEFI malware from this hack out in the field is actually good in the long term as we, and major security vendors, can start asking pointed questions to suppliers about how to secure the BIOS, and how to put in our own more secure versions.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021