Investigate harmful BIOS features
By "harmful" we mean BIOS features that phone home, enable remote administration and similar. Examples:
- Remote administration tools enabled at BIOS time, like Intel AMT, which can be configured to connect to the network at BIOS time, and then run a web server, again at BIOS time (!), etc.
- Anti-theft technologies, like Intel Anti-Theft. For an overview and exploits, see e.g. "Deactivate the Rootkit: Attacks on BIOS anti-theft technologies".
"Features" like these may either cause general security issues, or have adverse effects on particular Tails features (e.g. BIOS-time network activity from Intel AMT exposes the real MAC address before Tails has a chance to spoof it).
#3 Updated by sajolida over 4 years ago
According to external experts, AMT-originated network activity will most probably have its own MAC address, and one that Tails probably can't spoof. For example, AMT gets its own DHCP lease prior to and independent of the OS.
AMT can also be used to perform malicious BIOS updates.