

The PC BIOS is Insecure As Hell. WHY? - _quasimodo
http://www.rootwyrm.com/2013/11/the-pc-bios-is-insecure-as-hell-why/

======
_quasimodo
Since his comments seem to be broken (or he just does not accept any) i will
comment here:

I believe it is very well possible (using the UEFI IP stack) to write a tiny
and portable BIOS malware that loads hardware and OS probing code, filesystem
drivers and OS specific payload from a c&c server.

Also i suspect that the checksums might be breakable, but i don't know which
algorithms are used to calculate them.

