Hacker News new | past | comments | ask | show | jobs | submit login

Joanna Rutkowska has written about Intel based products that are possibly vulnerable to the Intel management engine code. Even if you run an open source operating system such as Linux or FreeBSD, there is still proprietary code in the management engine that you cannot look or verify that its secure.

Here is the paper http://blog.invisiblethings.org/papers/2015/x86_harmful.pdf

UEFI is another gigantic hide point for malware.

I think one could possibly run more simple platforms such as Raspberry PI, Odroid which may not have embedded management engines. That should be more secure than x86 platforms.

Even the raspberry pi ARM cpu is slave to the VideoCore GPU, as the GPU (and its corresponding binary blob) is what initializes first on powerup and only later does it boot up the ARM CPU.

The situation is better than what it was - https://github.com/christinaa/rpi-open-firmware

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact