Language Selection

English French German Italian Portuguese Spanish

Attacks on secure boot

This is interesting. It's obviously lacking in details yet, but it does highlight one weakness of secure boot. The security for secure boot is all rooted in the firmware - there's no external measurement to validate that everything functioned as expected. That means that if you can cause any trusted component to execute arbitrary code then you've won. So, what reads arbitrary user data? The most obvious components are any driver that binds to user-controlled hardware, any filesystem driver that reads user-provided filesystems and any signed bootloader that reads user-configured data. A USB drive could potentially trigger a bug in the USB stack and run arbitrary code. A malformed FAT filesystem could potentially trigger a bug in the FAT driver and run arbitrary code. A malformed bootloader configuration file or kernel could potentially trigger a bug in the bootloader and run arbitrary code. It may even be possible to find bugs in the PE-COFF binary loader. And once you have the ability to run arbitrary code, you can replace all the EFI entry points and convince the OS that everything is fine anyway.

None of this should be surprising.




More in Tux Machines

KaOS 2015.02 Distro Brings a Unique, Pure KDE Plasma 5 Experience - Screenshot Tour

The KaOS development team was proud to announce on February 24 the immediate availability for download of the KaOS 2015.02 Linux kernel-based operating system for personal computers and laptops. This is the first ever release of the KaOS Linux distribution with the next-generation KDE Plasma desktop environment, powered by the latest KDE Frameworks 5 technology. Read more

Snowden's favourite Linux - Tails - rushes sec-fix version to market

The developers want to kill off the previous version, Tails 1.2.3, as soon as possible, with a list of 14 security issues covering everything from the Tor browser and its network security services (NSS) through to a sudo privilege escalation bug. Read more

5 specialized Linux distributions for computer repair

Computers are incredible tools that let users doing amazing things, but sometimes things go wrong. The problem could be as small as accidentally deleting files or forgetting a password—and as major as having an operating system rendered non-bootable by file system corruption. Or, worst case scenario, a hard drive dying completely. In each of these cases, and many more like them, there are specialized tools that can aid you in fixing problems with a computer or help you be prepared for when something bad does happen. Read more

How To Install League Of Legends Game On Linux

League of Legends (LoL) is a 2009 multiplayer online battle arena video game developed and published by Riot Games for Microsoft Windows and Mac OS X. It is a free-to-play game that is supported by micro-transactions and inspired by the mod Defense of the Ancients for the video game Warcraft III: The Frozen Throne.

 

Read at LinuxAndUbuntu