Reply to post: Re: Downgrade attack?

CTS who? AMD brushes off chipset security bugs with firmware patches

Anonymous Coward
Anonymous Coward

Re: Downgrade attack?

"How are you verifying no one inserted these flaws in your firmware before you got the computer?"

Isn't that a fairly universal problem? Intercept the item in transit and replace the firmware? I seem to remember stories about the NSA putting custom UEFI on motherboards and firmware on HDDs (granted, you would hope that the various programming routines on the board would require the new firmware to be signed and validate that signature prior to loading it, but ... ) ...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2019