
Replace Your Exploit-Ridden Firmware with Linux – Ronald Minnich, Google - maccam94
https://www.youtube.com/watch?v=iffTJ1vPCSo
======
feelin_googley
This is quite good.

It is really about the presence of multiple Intel x86 CPUs on a single
motherboard each running its own "kernel", but where the user only controls
_one_ of these kernels, and what control the user's kernel has over the
hardware is easily subverted by the others.

    
    
       SMM - can disable
       UEFI - can replace
       ME - can remove components
       ISH - not discussed
       IE - not discussed
    

The crunched binary for intramfs is written in Go and yet only 5.9MB. No
systemd. Everything, even init scripts, is written in Go.

