Re: [OT] Re: the ghost of UEFI and Micr0$0ft
On Tue, Jun 5, 2012 at 2:38 PM, Roger Leigh <rleigh@codelibre.net> wrote:
> On Tue, Jun 05, 2012 at 07:26:55PM +0200, Claudius Hubig wrote:
>> However, I welcome the fact that attacks on Windows will be made more
>> difficult, since that also means smaller botnets, fewer vulnerable
>> computers etc.
>
> It will have zero effect. Not only was the certificate effectively
> compromised by allowing arbitrary code to be signed apparently by
> Microsoft (see recent news), how effective is the security when you
> have the ability to chainload GRUB? Once you can do that, you can
> load any arbitrary code of your choice. Any malware worth its salt
> will just co-opt the Linux bootloader and continue on its way.
> Effective security gained: none.
I don't think that you can draw a straight parallel between the
Terminal Server certificate lacunas exploited by "Flame" but even if
we ignore the differences, yes, there's a possibility that
Microsoft'll screw up and it'll have a large effect, much larger than,
for example the screw-ups of Debian, kernel.org, and countless others
in the past. But eben if Microsoft's replaced as the ultimate trusted
authority by another, independent entity, you'll still have a TBTF,
single-point-of-failure.
In the proposed Fedora scenario, I don't think that you'll be able to
chainload grub, or at least you won't be able to chainload a grub that
isn't signed by a trusted key in the same way that you won't be able
to boot a kernel that isn't signed by a trusted key.
Reply to: