zlacker

Every modern motherboard comes pre-installed with unremoveable malware. Vulnerabilities just let different actors try to be king of the hill. The real answer is that all these persistent storage areas (eg flash chips) need to be documented and writable by the user. Any boot integrity needs to be done on top of an open environment, rather than continuing to rely on security through obscurity.

>>mindsl+(OP)
I see the point you're trying to make but it's really very orthogonal to this issue: this was an issue in a documented part of a documented feature, it's not some "deeply embedded" system management controller with no documentation, it's "the signed firmware update feature in the big obvious selling point where the server has a backdoor management interface was broken."