https://superuser.com/questions/1744281/how-does-pcie-card-vendors-sign-option-roms
This is a very interesting question.
Equally interesting in these times as... how easily are those signatures spoofed with the (recently?) leaked keys?
Which thus makes me wonder, what kind of protections do BIOS and/or UEFI systems generally have besides secure boot for option ROM shenanigans? Did secure boot even verify those ROMs in general or did few-enough vendors bother signing that most implementations didn't actually check?
LisPi /
npub1cu…2mcxv
2024-08-07 09:12:19
Author Public Key
npub1cu4r6pt94plck34vtw9t3zj974k0vl0z8x9gew5vdp2ukw3ekr4qy2mcxvPublished at
2024-08-07 09:12:19Event JSON
{
"id": "7327829a2f80a1611fda69fa0d3752ec9155cee32ee552dae1d0a7e52d95e766",
"pubkey": "c72a3d0565a87f8b46ac5b8ab88a45f56cf67de2398a8cba8c6855cb3a39b0ea",
"created_at": 1723021939,
"kind": 1,
"tags": [
[
"proxy",
"https://udongein.xyz/objects/1c6392bf-6125-44f7-a9e7-b1eb75dae2cd",
"activitypub"
]
],
"content": "https://superuser.com/questions/1744281/how-does-pcie-card-vendors-sign-option-roms\n\nThis is a very interesting question.\n\nEqually interesting in these times as... how easily are those signatures spoofed with the (recently?) leaked keys?\n\nWhich thus makes me wonder, what kind of protections do BIOS and/or UEFI systems generally have besides secure boot for option ROM shenanigans? Did secure boot even verify those ROMs in general or did few-enough vendors bother signing that most implementations didn't actually check?",
"sig": "c3bf40a910a42cd5e5240fa8f297c68454a88dec60872751a33987e8c59c58b200cb7a44fa26bcd3cc6d0ae3e806193ca64d212d202fae99cd007dbe084a6c48"
}