This is not a has-badBIOS-pwn3d-me post, so do not worry about any paranoid quarrel.
After having read a thorough analysis / discrediting of the alleged malicious software, I certainly understand that the technology used by badBIOS for communication (some kind of lateral channel attack using sound waves) has already been used.
What I really do not understand and I could not find any related answer in the document or anywhere else is:
Affirmation 38: badBIOS flashes the system BIOS again and may persist after the machine has flashed again with legitimate firmware.
I can think of a case, this could be true; re-flashing the SPI chip of the infected operating system.
Otherwise, did you really claim that even if you desolded the chip from the motherboard, attach it to an SPI programmer that is not badBIOS you could not flash or read the actual badBIOS image .bin? Is it theoretically possible for a chip to "trick" you into its actual content if it is not connected to the host's motherboard?