[tor-relays] Exploiting firmware

Alex Haydock alex at alexhaydock.co.uk
Wed Dec 7 23:31:37 UTC 2016


On 07/12/16 23:15, diffusae wrote:
> I totally agree with you.
>
> One alternative would be to use coreboot on your machine. If you are
> good, then you will put your kernel into the flash chip and make it
> write protected.

As far as I know, Coreboot is merely an open source BIOS replacement and
doesn't act to disable the management engine as many Intel chips simply
won't boot without the ME firmware present and correct.

Libreboot might be the project you're thinking of, but it only works on
the small subset of (sadly usually quite old) CPUs that will actually
boot without Intel's firmware being present.

They are both fantastic projects, and I do have some Libreboot machines
at home, but the main concern I was raising was that: firstly, unless
you are colocating your own hardware or running your relay at home,
flashing a new BIOS to your relay's hardware is out of the question as
the hardware is under the control of your service provider.

The other thing I was noting was that the fact the hardware is under
control of your service provider is probably more of a threat than just
the ME would be. The service provider obviously needs access to the
machine, but they often expose quite low-level access either through web
consoles of unknown security, or to helpdesk techs working at the provider.

As a side note, there is one VPS provider I know of that are currently
in the preparation stages before launch, and who are intending to run
their entire infrastructure on Libreboot machines:
https://www.vikings.net/index.html


