arstechnica ,
@arstechnica@mastodon.social avatar

Supply chain SNAFU causes Intel and others to ship hackable hardware for 5 years

Multiple links in the supply chain failed for years to identify an unfixed vulnerability.

https://arstechnica.com/security/2024/04/supply-chain-snafu-causes-intel-and-others-to-ship-hackable-hardware-for-5-years/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

drewdaniels ,
@drewdaniels@mastodon.online avatar

@arstechnica hopefully more people take this opportunity to secure their BMC network connectivity. Scanning BMC’s in production could be seen as risky. I’m surprised this wasn’t public earlier though I suspect most assume the BMC isn’t getting updates and will be vulnerable. Heartblead showed this as did many previous vulnerabilities.

depereo ,
@depereo@mastodon.social avatar

@arstechnica strongly recommend openbmc for your secure BMC needs. The stuff vendors ship is shocking.

https://lca2020.linux.org.au/schedule/presentation/36/

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • All magazines
    •