The wiki is being retired!
Documentation is now handled by the same processes we use for code: Add something to the Documentation/ directory in the coreboot repo, and it will be rendered to https://doc.coreboot.org/. Contributions welcome!
This page explains how coreboot can help with various security aspects of your system, compared to closed-source, legacy BIOS/EFI/firmware implementations.
Common security features
- Boot password (like BIOS password)
- RAM wiping after each boot
- Signature verification - to boot from payload only signing images
- Support to encrypted block devices/volumes
Coreboot can be full-secure solution for your hardware, without this issues, which have "legacy" BIOS:
Current BIOS issues
- Coreinfo as demo payload for coreboot, showing your RAM contents after a cold boot.