We need Coreboot support on more boards. Motherboard vendors can’t be trusted to handle firmware.
https://archive.is/Yp6PI article without paywall
deleted by creator
Thanks for the heads-up, OP. I was planning on building a new PC in a few months and I probably would have chosen Gigabyte as my mobo. I would have been so upset if I saw this after the fact.
What brand should I be looking at instead? ASUS?
Well damn. Guess I’m getting a new motherboard soon. It’s crazy that this made it out the door without at least enforcing https. Then again, gigabyte hasn’t been known for thinking things all the way through recently.
daaaamn this is some shit
deleted by creator
Hi tech geeks! First post on Lemmy.
I believe this would be exploited in a sense like a “man in the middle”… so it isn’t as “alarming” as a true backdoor. Just disable the “app center download” in the bios. Mine was enabled upon first install of my new X570S board, but I was knowing what this type of setting this was prior to this issue being published … I already had a feeling this should be disabled.
Backdoor?
Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs
uhuh
Interesting/upsetting article!
Good to see they can’t help but accuse Russia and China of installing firmware malware like this but not a single sentence about the Americans likely doing it even more…propaganda me harder Wired!
This is wild. I’m on an Asrock board, so luckily not too affected. At the same time, with AMD’s PSP and Intel’s ME, nearly all boards are ‘backdoored’ to some extent anyway.