I posted this on Intel's forum but of course, no responses from the Intel experts. Cross-posting it here, as it's arguably a Mac issue rather than an Intel one.
My systems have been crashing under the weight of DDoS floods and networking carnage which - combined with my non-technical limitations - effectively presents a situation where access to my systems are a free for all, at the lowest levels. I've been reading up on UEFI "Secure Boot" and I'm having trouble understanding how anyone can expect the boot process to be 'secured' the way it's been setup.
http://www.intel.com/content/www/us/en/architecture-and-technology/unified-extensible-firmware-interface/efi-homepage-general-technology.html
Tools and utilities
Intel® C Compiler for EFI Byte Code
Application Toolkit Project
EFI Development Kit
EFI Development Kit II
Intel® UEFI Development Kit Debugger Tool
UEFI Disk Utilities*
UEFI tools, resources, drivers and training
Training
Please contact your UEFI Firmware provider for local training in your geography. If you need to set up your own training, contact us for material.
I can get training for the rest of my life and I'm simply not going to be able to protect myself when INTEL is giving access like this to people who have the ability to make my efforts at securing my systems something very near redundancy.
In this article titled "Using the UEFI Shell for Bare Metal Provisioning", it sure sounds like anyone with access to any network which I inadvertently or unintentionally connect to, can bypass the almost non-existent 'security' by simply installing a public key on my computer. If I'm understanding this correctly, the servers are secured from me (they were secured by my ignorance, quite safely) but it would be almost impossible to secure my client machines from them.
The UEFI client wants to defend itself from any random bits on the network, especially given the distributed nature of today's topologies, rogue wireless access points, and other venues for Man-in-the-Middle (MITM) attacks on the wire to occur.
The credential would be something like an x509v2 certificate with a public verification key. The UEFI firmware uses the public key to verify the digital signature of the boot image in order to ensure that it hasn't been modified by an unauthorized party during transit. UEFI 2.2 introduced the use of Authenticode image signing such that the trust hierarchy can be flat or nested, allowing for various deployment options. In addition, the rich UEFI network stack allows for the firmware to check for certificate expiry for possible future revocation models (such as if the private key associated with the public key in the certificate has been divulged).
Well, that's very secure. Anyone who breaches the bubble can then ensure they have secure access to deploy firmware images. How does a certificate protect against this many avenues for access?

You'd have to be almost a networking specialist just to have a chance.
I'm never going to be able to have a chance, and what's more - assuming I understand the gist of what I'm reading - it's irrational to expect home users to be able to compete in firmware flashing games where the playing field between console and remote operators is almost completely leveled by INTEL. It's wrong; if we're being frank, it's far more outrageous than merely "wrong" - but after a year of this, I'm forced to be pragmatic and pretend the confusion of experts who can't possibly understand why I don't want unnecessary security exploits... is something other than nauseating.
It should be as simple as my saying "I will never need to boot my system remotely, and would like to remove all capacity for remote access. Completely. Permanently. Irreversibly. I will never - ever - have any need or desire to remotely access or boot my system."
Tick a radio button. Configure a setting. Simple. Now why is that so unreasonable in the year 2011?
I'm not just talking philosophically. It's all very bleak really, after a year of destroyed machines and corruption almost - fascinating. It would be, if it wasn't so horrifying and just...so creepy. Using the rEFIt Shell (I'm not intelligent enough to compile Tiano), I can get a good look around underneath my Mac OS X Lion installations, and it's a god-awful mess with hundreds of "UNKNOWN" driver images and modules and mapping I can't make sense of (and I receive zero assistance from those I pay to assist in these things) - but everything is write-protected so I can't clean it out. I mount each EFI partition (which I've read Apple stating they don't use for booting on Intel Macs - oh?) a dozen times a day to delete this non-default firmware.scap file which is synced to any GPT partitioned disk I own within range. Synced a dozen times a day. I delete it from all my hard drives, but the EFI partitions are just routinely automounted with the firmware corruption synced right back.

The firmware.scap file goes for hundreds or thousands of pages of this, but if I'm not mistaken that's a BIOS ROM listed right at the start? It's not even close to the one listed by SystemProfiler.

Do I have any options here? You may safely assume I've exhausted my capacity to endure the horror that has gone on for almost 3 months, trying to ignore the feigned idiocy of frontline customer service creeps. Unfortunately, I can't get past them. It would suck if they killed me, all smirking and regretting that they didn't have the chance to direct me for the 48th time, to turn the power back off and back on again.
You know. Cause sometimes that works.
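The check the quoted Intel passage describes (firmware verifying a boot image's signature against a certificate's public key, with expiry and revocation tested first) as an added, runnable model; this is not code from the post or from Intel's article. The RSA primes, the certificate fields and the revocation list are constructed toys (real firmware uses X.509/Authenticode with 2048-bit keys); the ordering of the decisions is the part worth reading.

```python
# Added model of UEFI boot-image verification; toy key sizes, not production crypto.
import hashlib
from dataclasses import dataclass

# Toy RSA key pair from small constructed primes (signer keeps D; firmware gets N, E).
P, Q, E = 1000003, 1000033, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

@dataclass(frozen=True)
class Cert:
    subject: str      # constructed identity of the provisioning server
    modulus: int      # public verification key (n, e) carried by the certificate
    exponent: int
    not_after: int    # expiry as a constructed day number

def image_digest(image: bytes, modulus: int) -> int:
    """SHA-256 of the boot image, reduced so it fits the toy modulus."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % modulus

def sign_image(image: bytes) -> int:
    """Provisioning-server side: sign the image digest with the private key."""
    return pow(image_digest(image, N), D, N)

def verify_image(image: bytes, sig: int, cert: Cert, today: int,
                 revoked: frozenset) -> str:
    """Firmware side: reject on revocation, expiry, then signature mismatch."""
    if cert.subject in revoked:
        return "rejected: certificate revoked (private key divulged)"
    if today > cert.not_after:
        return "rejected: certificate expired"
    if pow(sig, cert.exponent, cert.modulus) != image_digest(image, cert.modulus):
        return "rejected: signature does not match image (modified in transit)"
    return "accepted"

# Constructed sample data: one signed image, one tampered copy.
IMAGE = b"constructed boot image bytes"
CERT = Cert("provisioning-server", N, E, not_after=100)
SIG = sign_image(IMAGE)

def demo() -> dict:
    """Runs the four cases the passage implies: good, tampered, expired, revoked."""
    return {
        "good": verify_image(IMAGE, SIG, CERT, 50, frozenset()),
        "tampered": verify_image(IMAGE + b"\x00", SIG, CERT, 50, frozenset()),
        "expired": verify_image(IMAGE, SIG, CERT, 150, frozenset()),
        "revoked": verify_image(IMAGE, SIG, CERT, 50, frozenset({CERT.subject})),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:9s} -> {result}")
```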