I am willing to tolerate custom firmware in hardware that lives behind an IOMMU and under an OS that uses it. That will at least make it unlikely that something scary lives in there and collects my data. Without an IOMMU in use, the entire RAM is fair game, and, with some creativity, the network card buffers to sneak the data out.
I've never understood this. Isn't it always possible to detect unsanctioned network traffic. Sure, most people don't. But all it takes is one person to spot an errant packet and a malicious actor's cover is blown. What purpose could possibly be served by putting code into firmware that gives itself away by generating network traffic.
Hacking firmware is another matter. But a vendor distributing malicious firmware code that generates network traffic? Not wittingly, it doesn't make sense. Of course if it's for some sensitive piece of machinery and the vendor has been compromised. But then if you're buying sensitive parts maybe you should be extra-cautious to ensure they operate as intended. But consumer hardware? I'm not seeing it. Call me naive or not tin-foil-hatty enough :)
You don't have to create additional packets to transmit additional information. You also don't have to transmit by default. So the detection model isn't "anyone dumps packets", it's "someone actively being monitored knows exactly what to look for".
X86 system management mode is not something you can turn off. It is there to protect motherboard firmware code that runs on the CPU. That code does things like emulate PS/2 mouse and keyboard. See chapter 34 in [1].
SMM is not for enterprise sysadmins. They use other hardware and software for systems management.
> The future is manufacturers—of devices ranging from phones, to laptops, to cars—being the centralized ops staff for all the devices they make.
That's open to so many forms of abuse. Extra-judicial punishment by government agencies and companies, hackers wiping your devices for the lulz, disgruntled employees, ex-spouses...
