The UEFI firmware shouldn't connect to the internet at all. You can't rule it out entirely, but the threat is pretty small. Theoretically, it can access your hard drives, but again, it's very unlikely that your BIOS will exfiltrate your data and send it somewhere. If you want to be sure, use LUKS for full disk encryption.
Linux
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
We use HP EliteBooks and EliteDesks extensively at work. I even used to set them up in my old job, and as far as I'm aware, it doesn't connect to the Internet or "phone home" by default (although that could've changed in recent models). In any case, one of the nice things about the HP BIOSes is that it's very configurable - you can disable the automatic BIOS update checks, network adapter etc. I forget if there was an option to just disable the network stack, but what you could do is configure the UEFI network settings so that they're invalid - ie, set it to a random static IP + random DNS etc (eg: 0.0.0.0) so that it can't connect even if it tried.
Those machines are very, very good to run Linux. Stable, everything is supported out of the most, very reliable. About calling home, they don't, however some models, like most machines, have Intel ME baked into the CPU and that can be remotely accessed. The good thing is that you can disable the Intel ME features on the UEFI and there's a toggle to completely disable the network card before an OS is loaded.
This sounds like a privacy concern. Maybe one of the privacy communities will have a better answer.
You're worried that the bios will ping hp and hand over info, is this something that you have info on?
I’m worried about the HP firmware-bios thingy. Does it call home?
It's for these kinds of reasons we should be demanding open source firmware from major vendors or only buying hardware from vendors that already have open source firmware (System 76, Tuxedo, etc).
Depends on the model. While some offer bios updates over ip, not all do. That would really be the only thing talking out.
I've no idea what you're referring to aside from maybe the Intel ME, but there may be a way to flash coreboot on it.
When any pc starts, isn't there the boot up menu etc? I'm referring to that. In that menus there are options of remote access or firmware updates etc apart of course the usual setup options like in what turn the boots take place eg HDD, network, dvdrom , USB and others like time, date etc.
Intel ME is one concern yes but I doubt I can flash corevoot on this machine as it is almost 2 years old.
What
See my reply above.