Another reason for open source.
It seems Dell shipped some malware infected systems. Interesting but not unheard of is that the malware was at the BIOS level rather than in the OS. The article mentions:
But the threat of hardware Trojans has been recognised at the highest levels. The Pentagon is spending millions on research designed to ensure it can trust the microchips in critical systems, especially those made outside the US.
It seems to me that open source BIOS is a perfect cure to this concern. See OpenBIOS and Coreboot. Isn’t it crazy to “spend millions” to protect yourself against code that you will never see? Wouldn’t it be easier to invest in open BIOS/firmware code and simply run a diff on it prior to making systems live? I’m no code guru and even I could verify certified code in like ten seconds, and that would cost like…. nothing. Diff is free (AIF) too.
No comments yet.