You must log in or register to comment.
Honest question: is this a good move on their behalf? What are they trying to achieve here? I’m assuming they will not just sanction any code changes (or at all…) even if it fixes critical bugs.
Open firmware is important for trusting your boot chain. Seeing their list of partners in the article makes it look like a bunch of cloud providers want to take early boot security very seriously.
How does one verify that the firmware running on you chip is actually the same as the open source code? This is kinda a trusting trust question, but I imagine it’s going to be hard to build and install this as a end user.