@wravoc IMHO, #TPM & #UEFI are both #Scams and neither can be trusted due to being #backdoored and #Bloatware respectively.

Personally, I want a machine that is purposefully #incompatible with #CensorBoot by #Microsoft (and thus #Windows11) by using #LinuxBoot / #NERF and no TPM at all!

Sadly I guess that means I've to use the #RISCv version of the @frameworkcomputer mainboard for that...

The fact that UEFI has more code than the #Linux #Kernel with all its drivers yet less than 100 contributors makes it unacceptable!

@kkarhan @[email protected] @frameworkcomputer
Just FYI: There is a counterpart in RISC-V called SBI that provides runtime services, with OpenSBI as the reference implementation shipped by OEMs - it gets all those drivers.
And https://riseproject.dev/ is working toward bringing UEFI to RISC-V to make it another PC-like platform.
Meanwhile, Arm just released an Arm PC spec a few days ago:
https://developer.arm.com/documentation/den0151/a

Sorry, the ISA won't save you. As long as owning a system is possible though, you gain control.

Rise: RISC-V Software Ecosystem – Linux Foundation Project

@kkarhan @[email protected] @frameworkcomputer

Ah and LogoFAIL is far from being fixed... quite the opposite - exploited in the wild a year after disclosure:
https://www.binarly.io/blog/logofail-exploited-to-deploy-bootkitty-the-first-uefi-bootkit-for-linux

LogoFAIL Exploited to Deploy Bootkitty, the first UEFI bootkit for Linux

Binarly researchers find a direct connection between the newly discovered Bootkitty Linux bootkit and exploitation of the LogoFAIL image parsing vulnerabilities reported more than a year ago