FAQ: use simpler tags for highlighting

1 files changed, 22 insertions, 22 deletions

diff --git a/site/faq/index.php b/site/faq/index.php
index 4f11c3e..bed4378 100644
--- a/site/faq/index.php
+++ b/site/faq/index.php
@@ -125,20 +125,20 @@
 						located in the (G)MCH chip.  In Q3 2009, the first generation of Intel Core
 						i3/i5/i7 (Nehalem) CPUs and the 5 Series Chipset family of Platform Controller
 						Hubs, or PCHs, brought a more tightly integrated ME (now at version 6.0) inside
-						the PCH chip, which itself replaced the ICH.  Thus, the ME is <em>present on all
-						Intel desktop, mobile (laptop), and server systems since mid 2006</em>.
+						the PCH chip, which itself replaced the ICH.  Thus, the ME is <b><i>present on all
+						Intel desktop, mobile (laptop), and server systems since mid 2006</i></b>.
 					</p>
 					<p>
 						The ME consists of an ARC processor core (replaced with other processor cores in
 						later generations of the ME), code and data caches, a timer, and a secure
 						internal bus to which additional devices are connected, including a cryptography
-						engine, internal ROM and RAM, memory controllers, and a <em>direct memory access
-						(DMA) engine</em> to access the host operating system's memory as well as to
+						engine, internal ROM and RAM, memory controllers, and a <b><i>direct memory access
+						(DMA) engine</i></b> to access the host operating system's memory as well as to
 						reserve a region of protected external memory to supplement the ME's limited
-						internal RAM.  The ME also has <em>network access</em> with its own MAC address
+						internal RAM.  The ME also has <b><i>network access</i></b> with its own MAC address
 						through an Intel Gigabit Ethernet Controller.  Its boot program, stored on the
 						internal ROM, loads a firmware "manifest" from the PC's SPI flash chip.  This
-						manifest is <em>signed with a strong cryptographic key</em>, which differs
+						manifest is <b><i>signed with a strong cryptographic key</i></b>, which differs
 						between versions of the ME firmware.  If the manifest isn't signed by a specific
 						Intel key, the boot ROM won't load and execute the firmware and the ME processor
 						core will be halted.
@@ -146,12 +146,12 @@
 					<p>
 						The ME firmware is compressed and consists of modules that are listed in the
 						manifest along with secure cryptographic hashes of their contents.  One module
-						is the operating system kernel, which is based on a <em>proprietary real-time
-						operating system (RTOS) kernel</em> called "ThreadX".  The developer, Express
+						is the operating system kernel, which is based on a <b><i>proprietary real-time
+						operating system (RTOS) kernel</i></b> called "ThreadX".  The developer, Express
 						Logic, sells licenses and source code for ThreadX.  Customers such as Intel are
 						forbidden from disclosing or sublicensing the ThreadX source code.  Another
-						module is the Dynamic Application Loader (DAL), which consists of a <em>Java
-						virtual machine</em> and set of pre-installed Java classes for cryptography,
+						module is the Dynamic Application Loader (DAL), which consists of a <b><i>Java
+						virtual machine</i></b> and set of pre-installed Java classes for cryptography,
 						secure storage, etc.  The DAL module can load and execute additional ME modules
 						from the PC's HDD or SSD.  The ME firmware also includes a number of native
 						application modules within its flash memory space, including Intel Active
@@ -163,12 +163,12 @@
 						Active Management Technology (AMT)</a> application, part of the Intel "vPro"
 						brand, is a Web server and application code that enables remote users to power
 						on, power off, view information about, and otherwise manage the PC.  It can
-						be <em>used remotely even while the PC is powered off</em> (via Wake-on-Lan).
+						be <b><i>used remotely even while the PC is powered off</i></b> (via Wake-on-Lan).
 						Traffic is encrypted using SSL/TLS libraries, but recall that all of the major
 						SSL/TLS implementations have had highly publicized vulnerabilities.  The AMT
-						application itself has <em><a
+						application itself has <b><i><a
 						href="https://en.wikipedia.org/wiki/Intel_Active_Management_Technology#Known_vulnerabilities_and_exploits">
-						known vulnerabilities</a></em>, which have been exploited to develop rootkits
+						known vulnerabilities</a></i></b>, which have been exploited to develop rootkits
 						and keyloggers and covertly gain encrypted access to the management features of
 						a PC.  Remember that the ME has full access to the PC's RAM.  This means that an
 						attacker exploiting any of these vulnerabilities may gain access to everything
@@ -181,7 +181,7 @@
 						Intel Core i3/i5/i7 (Haswell) CPUs.  It allows a PC OEM to generate an
 						asymmetric cryptographic keypair, install the public key in the CPU, and prevent
 						the CPU from executing boot firmware that isn't signed with their private key.
-						This means that <em>coreboot and libreboot are impossible to port</em> to such
+						This means that <b><i>coreboot and libreboot are impossible to port</i></b> to such
 						PCs, without the OEM's private signing key.  Note that systems assembled from
 						separately purchased mainboard and CPU parts are unaffected, since the vendor of
 						the mainboard (on which the boot firmware is stored) can't possibly affect the
@@ -189,9 +189,9 @@
 					</p>
 					<p>
 						ME firmware versions 4.0 and later (Intel 4 Series and later chipsets) include
-						an ME application for <em>audio and video <a
+						an ME application for <b><i>audio and video <a
 						href="https://defectivebydesign.org/what_is_drm_digital_restrictions_management">
-						DRM</a></em> called "Protected Audio Video Path" (PAVP).  The ME receives from
+						DRM</a></i></b> called "Protected Audio Video Path" (PAVP).  The ME receives from
 						the host operating system an encrypted media stream and encrypted key, decrypts
 						the key, and sends the encrypted media decrypted key to the GPU, which then
 						decrypts the media.  PAVP is also used by another ME application to draw an
@@ -202,8 +202,8 @@
 						DRM application called "Intel Insider".  Like the AMT application, these DRM
 						applications, which in themselves are defective by design, demonstrate the
 						omnipotent capabilities of the ME: this hardware and its proprietary firmware
-						can access and control everything that is in RAM and even <em>everything that is
-						shown on the screen</em>.
+						can access and control everything that is in RAM and even <b><i>everything that is
+						shown on the screen</i></b>.
 					</p>
 					<p>
 						The Intel Management Engine with its proprietary firmware has complete access to
@@ -239,21 +239,21 @@
 						ROM would reject any modified firmware that isn't signed by Intel.  Thus, the ME
 						firmware is both hopelessly proprietary and "tivoized".
 					</p>
-					<p><strong>
+					<p><b>
 						In summary, the Intel Management Engine and its applications are a backdoor with
 						total access to and control over the rest of the PC.  The ME is a threat to
 						freedom, security, and privacy, and the libreboot project strongly recommends
 						avoiding it entirely.  Since recent versions of it can't be removed, this means
 						avoiding all recent generations of Intel hardware.
-					</strong></p>
+					</b></p>
 					<p>
 						More information about the Management Engine can be found on various Web sites,
 						including <a href="http://me.bios.io/Main_Page">me.bios.io</a>, <a
 						href="http://io.smashthestack.org/me/">the smashthestack network</a>, <a
 						href="http://www.coreboot.org/Intel_Management_Engine">coreboot wiki</a>, and <a
 						href="https://en.wikipedia.org/wiki/Intel_Active_Management_Technology">
-						Wikipedia</a>.  The book <em><a href="https://www.apress.com/9781430265719">
-						Platform Embedded Security Technology Revealed</a></em> describes in great
+						Wikipedia</a>.  The book <b><i><a href="https://www.apress.com/9781430265719">
+						Platform Embedded Security Technology Revealed</a></i></b> describes in great
 						detail the ME's hardware architecture and firmware application modules.
 					</p>
 				<h3 id="fsp">Firmware Support Package (FSP) <span class="ref">(<a href="#fsp">#fsp</a>)</span></h3>