
Re: [OT] Re: the ghost of UEFI and Micr0$0ft



 On 05/06/2012 20:59, Claudius Hubig wrote:
 Hello Roger,

Roger Leigh <rleigh@codelibre.net> wrote:
[snip]
However, I welcome the fact that attacks on Windows will be made more
difficult, since that also means smaller botnets, fewer vulnerable
computers etc.

It will have zero effect.  Not only was the certificate effectively
compromised by allowing arbitrary code to be signed apparently by
Microsoft (see recent news)

 Of course, this incident is not nice at all - but then again, it only
 became public now and I imagine Microsoft to have reacted quickly.
 Additionally, I doubt that any other major institution signing such
 software will only sign non-malware/bug-free software. Given that
 Microsoft has been in the field for a few years, their count is not
 too bad.

how effective is the security when you
have the ability to chainload GRUB?  Once you can do that, you can
load any arbitrary code of your choice.  Any malware worth its salt
will just co-opt the Linux bootloader and continue on its way.
Effective security gained: none.

 Isn’t that the reason the small boot loader signed by MS for Fedora
 (according to their plans) will only load a signed Grub which will
 only load signed kernels etc.?

 I agree that there are problems with secure boot, mainly because
 mainboard manufacturers might block users from managing the keys on
 their computers. However, I think that – provided that users are free
 to change these keys or disable secure boot – this will help computer
 security.

 Best regards,

 Claudius

How long before we see malware targeting UEFI and adding random rogue keys? How long before a certification authority (subsidiary) gets compromised, or Microsoft itself (see the "flame" malware)? Fedora servers have been compromised in the past; what happens if an attacker gets their key? And it can only get worse when more distributions have their own keys; what we will get in the end is common sense being replaced by a flawed technical measure, and "appeased" users getting "trusted" malware. Then, for computers with very high uptime, secure boot is moot: they'll get compromised while running and happily join botnets all the same. Attacks targeting the bootloader aren't common; they usually are targeted attacks of the kind that will succeed no matter what hardware or system you are running. For the more paranoid among us, many other solutions exist, which are probably far more secure than UEFI "secure boot". Every time someone tries to restrain your freedom, he'll say that it's for your own security; this isn't any different.

