Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack - eviltoast
  • Marxism-Fennekinism@lemmy.ml
    link
    fedilink
    English
    arrow-up
    12
    ·
    edit-2
    11 months ago

    It breaks the cardinal rule of executing privileged code: Only code that absolutely needs to be privilaged should be privileged.

    If they really wanted to have their logo in the boot screen, why can’t they just provide the image to the OS and request through some API that they display it? The UEFI and OS do a ton of back and fourth communication at boot so why can’t this be apart of that? (It’s not because then the OS and by extension the user can much more easily refuse to display what is essentially an ad for the hardware vendor right? They’d never put “features” in privileged code just to stop the user from doing anything about it… right?)