I read reporting in Ars this morning about the Kaspersky identified CosmicStrand UEFI rootkit. As a nerd and tech instructor my hope has always been that with the move away from BIOS based computers to UEFI everyone would be more secure. After all one of the main features of UEFI was to be able to better secure the computer boot process and identify attacks on the integrity of operating system files before they are loaded into memory and executed. It seems like CosmicStrand figured out a way around most of these protections.
So much for UEFI security.
