• TheOtherJake@beehaw.org
    link
    fedilink
    English
    arrow-up
    38
    ·
    1 year ago

    There are several vulnerabilities in bootloaders that have not been fixed. Namely, there is an entire tiny operating system that is used to initialize the processor before the main bootloader begins. Then the bootloader creates a bunch of handles to control the hardware, and hands them over to the operating system kernel. The i-core/ryzen processors include the second generation of this tiny underlying operating system that runs before everything else. This tiny operating system was originally marketed as a way to remotely monitor and troubleshoot data center servers, but this is a very weak and flawed marketing strategy. The way this system runs before everything else, it has root/admin privileges and access that supersede everything that comes after it. A bad actor accessing this system is absolutely game over for all hardware including the bootloader itself. Well this tiny operating system is tied to the microcode for the processor generation.

    If you know anything about old computers that had a bunch of boards and chips inside the case, modern computers still have all of these chips and systems, but they are all integrated into just a few chips. These systems are still complicated and have a certain way they must be powered up and initialized so that each system begins in a specific state along a long chain. The “microcode” in a modern computer is really just a bunch of “software” that controls the order that the hardware is brought online. In the i-core/ryzen generation of hardware the microcode is proprietary and copyright protected. This is a way to get around many x86 patents expiring. It has long been speculated that the tiny operating system is also a back door for governments as it can completely own any system regardless of encryption or any other security measures.

    There is a way to mostly disable this tiny operating system but there is no way to monitor or confirm its activity at run time. OpenSIL is like having access to the control room of this tiny operating system for the first time. It means it is now possible to completely secure and verify the state of a system. There is no security in obscurity. OpenSIL is the removal of a major failed attempt at security through obscurity.

    Ultimately, at the most fundamental level, openSIL means full ownership over your hardware. I can buy AMD, but can only rent Intel. Intel keeps ownership of this tiny little corner of the hardware and they have done a terrible job of managing what they own. When faced with that buying choice the outcome should be obvious, assuming you are able to run the software that can take advantage of this. It will take at least a few months, but there should soon be a completely open source version of Coreboot that will use openSIL. Hope this helps.