A BIOS can be backdoored in pretty much the same way. Heck, even ACPI can be backdoored.
I have read about an Apple Mac EFI rootkit by a certain government agency.
A BIOS can be backdoored in pretty much the same way.
UEFI does provide "runtime services" that are available to the OS after it has booted (in contrast with "boot services"). This kind of service is useful for things like changing the boot order from within the OS. I believe it would therefore be possible for a UEFI BIOS to include a malicious runtime service. It is also possible for a UEFI device driver to be a "runtime driver", which remains loaded after the hand-off to OS boot loader. Such a driver could also be malicious. I'm sure tinfoil hats will help protect us all.
Contrary to popular belief, once a modern OS is booted nothing from the UEFI or BIOS is used. Both UEFI and the BIOS are only needed to initialize the hardware and boot the system. Nothing more, nothing less.
I think Coreboot alone has much bigger marketshare because of Chromebooks.
I use coreboot/FreeBSD on my APU1D and it works well. Only one option available. Pick your boot device.
Simple and easy.
So what if I have to use an OS to set the RTC.
I am concerned that there is an OS alive in my EFI bios now. It presents a command prompt and has an accompanying storage system.
fs0
I deleted the big rant that I started with.
One thing I wrote which I stand by is this: "Network Boot features gone Bonkers"
I understand that the EFI network stack really came about because of network booting. Heck back in the day I flashed a rom chip on my network card to network boot so I am aware of the progression of the BIOS and BOOTP.
I also have an old AMD K6 board with a browser and media player in the BIOS+firmware.
I just have this uneasy feeling that Intel doesn't have our best interest in mind while promoting UEFI. (Like the subtle arm-twisting RSA took)
I am worried we are all being penned in to something nasty and it will be too late once the discoveries come out.
What is the marketshare of coreboot/SeaBIOS? I would be surprised if over .01%.
This isn't Intel trying to kill off the floppy but something much more serious.
Who needs a database in their BIOS?