I would get the same responses from people in the 90s. Can't believe its still parroted in 2017 when we see so many real life examples and poc's. Bios devs claim bios's are more safer now, but I think they are less safe. Its why I'm a big fan of ITL, they keep it real.
You forget all the hacking teams out there getting their data pilfered by 15 year olds. Or the story about intel's backdoor that has been there for years and years, who knows how many people knew. Its also holiday season right now. Satans claws are coming to town and everything is on sale for everyone lol
I think part of the problem is old school mentalities like yours have a hard time not only admitting that a bios can be infected in the first place, but also that it can be infected remotely.
Its also very hard to admit to something like this, because what can we really do against it? I still remember the look on everyones face on the panel of the Logan CIJ Symposium 2016 when Joanna said maybe there is no point if we can't trust companies or developers or the hardware is backdoored.
Doesn't purism use secure boot on their latest model?
As most all the BIOS code is propriety how exactly can anyone on here claim there are no hacks or otherwise?
There is a HUGE difference between chain of trust or having to accept having to trust hardware and actually trusting it.
I really do not want to spend any real time digging up bios hacks but a google search would at least get you the reports of them.
Just to offer up one take a look at Bruce Schneier's blog as he wrote on this topic very briefly here: https://www.schneier.com/blog/archives/2015/03/bios_hacking.html
Not to mention today bios can interact remotely with the hardware vs cellular radio ethernet etc.. Unless there is a manual switch to separate it like some wifi etc have compared to a software on off mode is basically meaningless as its open to being modified and you have no way to audit the code even if you wanted to. You have no way of knowing there is not a backdoor that allows them to be turned on or settings changed.
While I may no be able to control it I would say with the direction BIOS software has been going over the last 1o yrs it presents a very real security threat. Anything that is between my installed OS and the bare metal IMO is of the most serious of threats as we are extremely limited in protecting ourselves from anything below what we install. The BIOS is a master key to everything above it.