I found an old interview with Duflot whic may be helpful, describing SMM and the X11-based weakness for *nix systems in more detail.
I did not recall the issue clearly, when I wrote above that X uses SMM. It doesn't. SMM uses legacy video RAM memory, and that is where the weakness lies. But I had read this interview 3 years ago, as I remembered the title:
http://www.securityfocus.com/columnists/402
BSDfan's Wiki reference has a link in the footnotes to an article describing a demonstration SMM-based rootkit shown at the Black Hat '08 conference. The key to such things is that OS's and their applications do not have access to SMM datablocks, and would be blind to code hidden therein.