The hidden control plane lurking in your commodity server
- #hardware-design
- #server-security
- #open-source
- Oxide Computer Company aimed to eliminate the hidden control plane in servers, starting with the baseboard management controller (BMC).
- The BMC, responsible for physical machine control, was replaced with a microcontroller running an open-source OS called Hubris.
- Oxide also targeted the UEFI BIOS, which contains an entire proprietary OS and remains resident after booting, posing security risks.
- The UEFI BIOS includes System Management Mode (SMM), a backdoor that can be exploited; Oxide successfully eliminated it.
- Oxide's approach removes the substantial attack surface associated with traditional hidden control planes in servers.