![]() Much of the book focuses on boot integrity, process isolation, and various Intel hardware-based protections. This book talks about the various Intel boot security technologies, focusing on the Intel Management Engine (ME) and how ME interacts with the other Intel security technologies at the hardware, firmware, and OS-levels. For the past several years, the engine has been serving as the base of many security technologies included in Intel platforms. The book reveals the technical details of Intel’s security and management engine, with the focus on the architecture and design of its firmware infrastructure. book review: Platform Embedded Security Technology Revealed Intel: please give us more control over the products we purchase. Some systems may need to be tamper-resistant to local users, but that’s just for enterprise bank employees, not for citizens. The locally-present user should be able to override features like this, and install what they want, at firmware, pre-OS and OS-level software. I hope Intel - or other chip vendors - can help both audiences, not only enterprise vendors who want to use the OEM’s installation of Windows and never change their systems. Security must be addressed, but the cost might be General Purpose Computing? To conserve words, I’ll just point to a few other blog posts on this topic by others: Boot Guard is a big new player in the security -vs- user-control equation. As a result, Intel Boot Guard, when activated, makes it impossible for end users to install replacement firmware such as Coreboot.”īoot Guard attempts to protect the system before Secure Boot starts. Intel Boot Guard is an optional processor feature, meaning that it does not need to be activated during the system manufacturing. When turned on, the processors verifies a signature contained in the firmware image before executing it, using the hash of the public half of the signing key, which is fused into the system’s Platform Controller Hub (PCH) by the system manufacturer (not by Intel). Since it enables you to customize and optimize various UEFI firmware settings, UEFIFind is a tool for advanced users who want to take full control over their computer.As defined by Wikipedia: “Intel Boot Guard is a processor feature that prevents the computer from running firmware images not released by the system manufacturer. An advanced tool that enables you to adjust UEFI-compatible devices’ settingsĪs far as compatibility goes, the utility supports a wide variety of firmware formats used by well-known motherboard manufacturers, including, but not limited to ASUS, MSI or Gigabyte. The app can also be employed for extracting firmware images from BIOS, which can come in handy for viewing and analyzing various images that are not readily available. Moreover, thanks to the tool, you could even add features that were not available with the default firmware. Making changes to these and other settings doesn’t only help improve the overall performance, but it can also aid fix various issues that were causing constant bugs. The role of the tool is to enable you to edit the UEFI firmware’s settings, including here the boot order of devices, overclocking or the power management. Therefore, you can write scripts to automate tasks and perform various batch operations, a feature that can come in handy for network administrators who need to change multiple firmware images simultaneously, for example. ![]() While some may view this as a setback, the advantage – especially for advanced users – is that it is scriptable. The tool doesn’t boast a GUI, but it is rather a console application. Enables you to customize the firmware settings and features as you want ![]() UEFIFind is a tool designed to help you with this type of tinkering, as the utility is designed to view and edit firmware that runs on the motherboard. For instance, overclocking the CPU entails modifying some firmware settings to increase the clock speed, adjust the voltage settings and tweak other performance-related settings. If you are interested in tinkering with your computer in a way that would improve its performance significantly, then you may have to make some expert modifications.
0 Comments
Leave a Reply. |