Re: [OT] Re: the ghost of UEFI and Micr0$0ft
On 05/06/2012 20:59, Claudius Hubig wrote:
Roger Leigh<email@example.com> wrote:
However, I welcome the fact that attacks on Windows will be made more
difficult, since that also means smaller botnets, fewer vulnerable
It will have zero effect. Not only was the certificate effectively
compromised by allowing arbitrary code to be signed apparently by
Microsoft (see recent news)
Of course, this incident is not nice at all - but then again, it only
became public now and I imagine Microsoft to having reacted quickly.
Additionally, I doubt that any other major institution signing such
software will only sign non-malware/bug-free software. Given that
Microsoft has been in the field for a few years, their count is not
how effective is the security when you
have the ability to chainload GRUB? Once you can do that, you can
load any arbitrary code of your choice. Any malware worth its salt
will just co-opt the Linux bootloader and continue on its way.
Effective security gained: none.
Isn’t that the reason the small boot loader signed by MS for Fedora
(according to their plans) will only load a signed Grub which will
only load signed kernels etc.?
I agree that there are problems with secure boot, mainly because
mainboard manufacturers might block users from managing the keys on
their computers. However, I think that – provided that users are free
to change these keys or disable secure boot – this will help computer
How long before we see malware targeting UEFI, and adding random rogue
keys ? How long before a certification authority (subsidiary) gets
compromised, or Microsoft itself (see the "flame" malware) ? Fedora
servers have been compromised in the past, what happens if an attacker
gets their key ? And it can only get worse when more distributions will
have their own keys, what we will get in the end is common sense being
replaced by flawed technical measure, and "appeased" users getting
Then for computers with very high uptime secure boot is moot, they'll
get compromised while running and happily join botnets all the same.
Attacks targeting the bootloader aren't common, they usually are
targeted attacks of the kind that will succeed no matter what hardware
or system you are running. For the more paranoid among us many other
solutions exist, which are probably far more secure than UEFI "secure boot".
Every time someone try to restrain your freedom he'll say that it's for
your own security, this isn't any different.