How much of that malware is actually working at the level that the bootloader is concerned with? And how many samples are just trivial keyloggers, screen grabbers, enablers for phishing attacks, etc. that don't even need anything more than user-level privileges? I'd happily run a system with no standard antivirus / malware protection / ... as long as it has a good separation of resources from kernel to user-space. I subscribe to ideas like http://qubes-os.org much more than trying to protect the bootloader. The typical user-space is exposed too much at the moment and the number of really sophisticated exploits isn't that big.
You're saying "Microsoft is at least trying to do this" about a company that continues to hold up fixes to known exploits (maybe not publicly known, but it takes only a single person...) until a convenient patch day, but manages to push its own idea of security which breaks other people's systems onto the whole industry (strangely those other systems are not affected to the same degree). That's what I would call a very real concern.
From my experience with the "typical user", migrating my gf's laptop from Windows to Ubuntu did more for security than any bootloader hardening could do. And it required no hardware update either...
>And how many samples are just trivial keyloggers, screen grabbers, enablers for phishing attacks, etc. that don't even need anything more than user-level privileges?
They need more privileges for hiding themselves from antivirus software, SmartScreen and MMSRT.
That's true. Unfortunately that assumes the user 1. has an antivirus installed 2. his interaction with it isn't limited to closing the "license expired" window as quickly as possible at startup. That's still a very typical pattern.