“Another security feature that’s completely new to the Librem 14 is a set of switches on the motherboard that will allow you to write protect the BIOS and EC firmware. Currently the physical switches are implemented, but we still need to complete some software and configuration work so that they actually trigger write protection.”
Can you elaborate a bit on this information?
This sounds to me like there is some additional “input device” (switch on mainboard) that triggers some software to not allow writing of firmware memory.
Where is this software implemented so that it cannot be overridden? Which level of system access is necessary to change this piece of software?
Which is the risk mitigated by this feature?