Language Selection

English French German Italian Portuguese Spanish

Attacks on secure boot

This is interesting. It's obviously lacking in details yet, but it does highlight one weakness of secure boot. The security for secure boot is all rooted in the firmware - there's no external measurement to validate that everything functioned as expected. That means that if you can cause any trusted component to execute arbitrary code then you've won. So, what reads arbitrary user data? The most obvious components are any driver that binds to user-controlled hardware, any filesystem driver that reads user-provided filesystems and any signed bootloader that reads user-configured data. A USB drive could potentially trigger a bug in the USB stack and run arbitrary code. A malformed FAT filesystem could potentially trigger a bug in the FAT driver and run arbitrary code. A malformed bootloader configuration file or kernel could potentially trigger a bug in the bootloader and run arbitrary code. It may even be possible to find bugs in the PE-COFF binary loader. And once you have the ability to run arbitrary code, you can replace all the EFI entry points and convince the OS that everything is fine anyway.

None of this should be surprising.




More in Tux Machines

Linux Kernel 3.10.82 LTS Is a Very Small Update with Five Fixes

Immediately after having published details about the Linux kernel 4.1.1, Linux kernel 4.0.7, and Linux kernel 3.14.46 LTS maintenance releases, Greg Kroah-Hartman has announced the immediate availability of Linux kernel 3.10.82 LTS. Read more

antiX 15 Officially Released, Based on Debian 8 "Jessie" but Without systemd

Straight from Thessaloniki, Greece, the antiX development team has had the great pleasure of announcing the immediate availability for download of the final release of the antiX 15 GNU/Linux operating system. Read more

EU court to decide on PC and software bundling

The Court of Justice of the European Union (CJEU) is expected to rule within weeks on the practice of forced sale of licences for operating systems and other software bundled with computing devices. On 25 June, France’s Court of cassation referred to the CJEU a complaint of a French citizen who wanted to purchase a PC without any pre-installed operating system. Read more

Interviews: Linus Torvalds Answers Your Question

Linus: You can say the word "systemd", It's not a four-letter word. Seven letters. Count them. I have to say, I don't really get the hatred of systemd. I think it improves a lot on the state of init, and no, I don't see myself getting into that whole area. Yeah, it may have a few odd corners here and there, and I'm sure you'll find things to despise. That happens in every project. I'm not a huge fan of the binary logging, for example. But that's just an example. I much prefer systemd's infrastructure for starting services over traditional init, and I think that's a much bigger design decision. Yeah, I've had some personality issues with some of the maintainers, but that's about how you handle bug reports and accept blame (or not) for when things go wrong. If people thought that meant that I dislike systemd, I will have to disappoint you guys. Read more