Talk:System Management Mode
|WikiProject Computing||(Rated Stub-class)|
Is System Management Mode a rootkit?
Should the article be added to Category:Rootkits? I think that SMM technically is a rootkit because it executes at a higher privilege level than both hypervisors and operating systems are able to attain, and the user has no choice on whether or not this is installed in his or her computer.
Unfortunately, SMM is now used by motherboards to handle power and thermal management when such management should be handled by an OS or a hypervisor driver. Jesse Viviano (talk) 06:30, 30 November 2010 (UTC)
- Technically this is a special mode of motherboard firmware (SMI defined by BIOS Firmware, user selects motherboard with BIOS firmware included and he can't uninstall BIOS from board without breaking it). SMM was created at time when 80486 was fastest CPU and no OS (e.g. DOS) or hypervisor (there were none) was able to do motherboard management. It can be used to hide rootkits, but any BOOT ROM can has rootkit stored inside it (both BIOS rootkits and PCI Boot Rom rootkits). BIOS itself and PCI boot roms are not a rootkits, it is just a place, where attacker can store a rootkit. So, no category of Rootkit is here will. `a5b (talk) 13:36, 4 August 2011 (UTC)