[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [OT] Re: the ghost of UEFI and Micr0$0ft

 On 05/06/2012 20:59, Claudius Hubig wrote:
 Hello Roger,

Roger Leigh<rleigh@codelibre.net>  wrote:
However, I welcome the fact that attacks on Windows will be made more
difficult, since that also means smaller botnets, fewer vulnerable
computers etc.

It will have zero effect.  Not only was the certificate effectively
compromised by allowing arbitrary code to be signed apparently by
Microsoft (see recent news)

 Of course, this incident is not nice at all - but then again, it only
 became public now and I imagine Microsoft to having reacted quickly.
 Additionally, I doubt that any other major institution signing such
 software will only sign non-malware/bug-free software. Given that
 Microsoft has been in the field for a few years, their count is not
 too bad.

how effective is the security when you
have the ability to chainload GRUB?  Once you can do that, you can
load any arbitrary code of your choice.  Any malware worth its salt
will just co-opt the Linux bootloader and continue on its way.
Effective security gained: none.

 Isn’t that the reason the small boot loader signed by MS for Fedora
 (according to their plans) will only load a signed Grub which will
 only load signed kernels etc.?

 I agree that there are problems with secure boot, mainly because
 mainboard manufacturers might block users from managing the keys on
 their computers. However, I think that – provided that users are free
 to change these keys or disable secure boot – this will help computer

 Best regards,


How long before we see malware targeting UEFI, and adding random rogue keys ? How long before a certification authority (subsidiary) gets compromised, or Microsoft itself (see the "flame" malware) ? Fedora servers have been compromised in the past, what happens if an attacker gets their key ? And it can only get worse when more distributions will have their own keys, what we will get in the end is common sense being replaced by flawed technical measure, and "appeased" users getting "trusted" malware. Then for computers with very high uptime secure boot is moot, they'll get compromised while running and happily join botnets all the same. Attacks targeting the bootloader aren't common, they usually are targeted attacks of the kind that will succeed no matter what hardware or system you are running. For the more paranoid among us many other solutions exist, which are probably far more secure than UEFI "secure boot". Every time someone try to restrain your freedom he'll say that it's for your own security, this isn't any different.

Reply to: