ELI5: How can I protect (a bit) against this BMC issue?

The AST2400 that is being discussed in the Bloomberg 'BMC hack' is a small low-performance processor. And Facebook created a framework to make open source software for it, OpenBMC.

This might give some comfort since you can load your own firmware, and then compare that is indeed what you are running, and then have it diagnose itself for other injection points.

Another approach you could take, you could create a small widget that would connect to the JTAG, I2C, SPI chains, and read out all code and compare it to expected checksum, holding the power-off line until you are finished. Imagine maybe a small ESP32-class device that has a GPIO that goes to the ATX PS_ON# line, and each JTAG/SPI/I2C. When power tries to come up, you scan, and if all match, release the PS_ON#.

The article Lee linked is quite good.

One comment on “ELI5: How can I protect (a bit) against this BMC issue?
  1. db Dave D says:

    Then hacking the widget would be the thing to do. Total control over the JTAG!

Leave a Reply

Your email address will not be published. Required fields are marked *

*