@rysiek@mastodon.technology "*this UEFI implant seems to have been used in the wild since the end of 2016 -- long before UEFI attacks started being publicly described*", uhm hello I'm right here. https://trmm.net/Thunderstrike_31c3/
@djsumdog @rysiek@mastodon.technology CPU features like BootGuard, if correctly used by the OEM, would prevent this sort of attack. Not all vendors have configured it right, and sometimes Intel's reference code has had issues. Two of mine and my notes: https://trmm.net/TOCTOU/ https://trmm.net/Sleep_attack/ and https://trmm.net/Bootguard/
@rysiek@mastodon.technology *technically* I was talking about an *EFI* implant, although even then I was very late to the party