this post was submitted on 15 Jan 2024
32 points (84.8% liked)
Privacy
31258 readers
659 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I know about ring 0, I just assumed UEFI would be off the disk and inaccessible to any software.
UEFI is off disk, but it is writeable to some degree.
Recently there was a story about a hack exploiting the ability to write boot images (as in vendor screens that display during boot).
There's also the ability to store executable code that runs even if the system doesn't have an OS - this is ostensibly used for theft prevention solutions. Just imagine how that can be abused.
UEFI is a ******* problem. I've never liked it. I get why it exists, but it's design was intentionally borked to push DRM-like control, under the guise of offering increased security. Yet we have that boot code that can be executed silently.
It would be nice to see the 80's BIOS wars again, with an open-source UEFI organization this time.