Comment on New UEFI vulnerabilities send firmware devs industry wide scrambling
Supermariofan67@programming.dev 5 months ago
Not at all surprised, motherboard firmware from most vendors has always been a steaming pile of shit code, often not even built to spec.
SnotFlickerman@lemmy.blahaj.zone 5 months ago
Not all hardware manufacturers are effected and it’s based on a specific open source implementation of UEFI.
xan1242@lemmy.ml 5 months ago
Aren’t AMI, Insyde and Phoenix providers for 98% of PC (be it board or OEM) vendors though?
And AFAIR, TianoCore is basically used everywhere by everyone as a base except maybe Apple.
SnotFlickerman@lemmy.blahaj.zone 5 months ago
You may be right, I didn’t think those three were that much of the market, but maybe I’m wrong.
I thought Tiano was a reference UEFI developed by Intel?
EDK and EDK II are open source projects that spun off of that reference developed by Intel.
I suppose the main thing I was trying to get across is that OP seemed to be blaming motherboard manufacturers for bad code… but this is the base open source code that is causing the issues, prior to implementation by motherboard manufacturers.
xan1242@lemmy.ml 5 months ago
I am pretty sure TianoCore is also used by AMD systems as a reference as well.
Here’s a similar situation that happened in 2019 at Lenovo’s site
support.lenovo.com/cl/es/solutions/LEN-22660
AMD systems are listed as well.
As for most board vendors nowadays, I think they barely do anything with the code itself and just create the setup utility and boot logos. It is highly likely that they’re affected too.
corsicanguppy@lemmy.ca 5 months ago