Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs—a feature ripe for abuse, researchers say.
  • const_void
    4·
    1 year ago

    We need Coreboot support on more boards. Motherboard vendors can’t be trusted to handle firmware.

  • onlooker
    3·
    1 year ago

    Thanks for the heads-up, OP. I was planning on building a new PC in a few months and I probably would have chosen Gigabyte as my mobo. I would have been so upset if I saw this after the fact.

    What brand should I be looking at instead? ASUS?

  • Mindless_Enigma@beehaw.org
    3·
    1 year ago

    Well damn. Guess I’m getting a new motherboard soon. It’s crazy that this made it out the door without at least enforcing https. Then again, gigabyte hasn’t been known for thinking things all the way through recently.

  • No_Huckleberry_2023
    1·
    1 year ago

    Hi tech geeks! First post on Lemmy.

    I believe this would be exploited in a sense like a “man in the middle”… so it isn’t as “alarming” as a true backdoor. Just disable the “app center download” in the bios. Mine was enabled upon first install of my new X570S board, but I was knowing what this type of setting this was prior to this issue being published … I already had a feeling this should be disabled.

  • setInner234@feddit.de
    1·
    1 year ago

    This is wild. I’m on an Asrock board, so luckily not too affected. At the same time, with AMD’s PSP and Intel’s ME, nearly all boards are ‘backdoored’ to some extent anyway.

  • sudojonz@lemmygrad.ml
    21·
    1 year ago

    Interesting/upsetting article!

    Good to see they can’t help but accuse Russia and China of installing firmware malware like this but not a single sentence about the Americans likely doing it even more…propaganda me harder Wired!