“Whether a proof of concept or not, Bootkitty marks an interesting move forward in the UEFI threat landscape, breaking the belief about modern UEFI bootkits being Windows-exclusive threats,” ESET researchers wrote. “Even though the current version from VirusTotal does not, at the moment, represent a real threat to the majority of Linux systems, it emphasizes the necessity of being prepared for potential future threats.”
Who would’ve thought replacing a BIOS with what’s essentially a micro-computer would open a can of worms…
BIOS was always a micro computer… it’s just more standardized now.
And especially things like IPMI (which is essentially a company-sanctioned backdoor to any intel server) which has a full on webserver with an unknown number of threat vectors, things like this really fall flat for security.
I meant BIOS is way more limited in scope than UEFI and that’s a good thing.
Although since the limitation was most likely due to hardware of the day, i don’t know how would a modern BIOS look like.
Probably like UEFI
If you’re looking at Intel, you might be thinking IME/vPro
IPMI (such as iDRAC on Dell) runs off-processor on a different section of the motherboard typically and is installed on AMD servers as well.
Intel ME is a whole thing, too.