• 7 Posts
  • 1.18K Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle





  • malware living on the bios rom could possibly live through an internal bios flash (normal “update firmware” thing in the bios or things like ivyrain) if it somehow manages to manipulate that process.

    however, it is always overwritten by an external bios flash (using a raspberry pi or something using flashrom), because then you’re directly communicating with the flash chip. (if you suspect that the flash chip has been replaced with a malicious one you’re probably a bit schizo)

    one thing is though is that the flash on the embedded controller is left untouched in most operations like this, so it could possibly harbor malware, but the only thing that could possibly do is make your laptop unusable or die randomly. It can’t really affect the software running on it i’d think. What you’d want to do if you’re really schizo and suspect your EC is infected is to externally flash lenovo firmware and use something like this to update the EC before externally flashing Heads.

    the chain of trust for your installer USB would be something you can’t really avoid though, just use the most trustworthy computer you have