[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [OT] Re: the ghost of UEFI and Micr0$0ft

Ahoj,

Dňa Thu, 7 Jun 2012 06:14:17 -0400 Tom H <tomh0665@gmail.com> napísal:

> On Thu, Jun 7, 2012 at 5:43 AM, Andrei POPESCU
> <andreimpopescu@gmail.com> wrote:
> > On Mi, 06 iun 12, 13:04:50, Kelly Clowers wrote:
> >>
> >> I sincerely doubt it. Although I guess it depends on what you mean by
> >> "via the network". Worms that infect like SQL Slammer are relatively
> >> rare, AFAIK most malware get in via drive-by downloads, or intentional
> >> installation of programs that are infected. Those are user issues and
> >> browser issues (though local OS exploits may be used after the
> >> browser security is bypassed). Though these get delivered by the
> >> network, it isn't the same as vulnerabilities in, say, the TCP/IP
> >> stack, or a vulnerable OS daemon/service.
> >
> > But still, those attacks wouldn't be prevented by Secure Boot, so
> > Nate's argument (Secure Boot won't improve Windows security) still
> > stands.
> 
> Did everyone miss this link [1] that was posted by MG in his blog post?!
> 
> Simply because viruses/malware/etc have been introduced historically
> through the network doesn't mean that the firmware isn't a target now
> or won't be in the future.

The computers are often stolen, from companies, from home… Why there is
not the welding-machine as computer case's component, to make sure that
they will stay on the same place?

> That Microsoft's leveraging a (potential) solution to this problem to
> make our lives difficult isn't surprising...

yes, this can be right. But only in windows world. I don't know anyone who
is building own Windows kernel :-)

In free world, there is one problem - the changed kernel is not direct
mark to virus (or similar). In my WiFi router, the first thing which
happens was change to custom firmware. I was buying it with this change
in mind…

Theoretically, this don't must be a problem, if i will have solution to
sign my own kernel/firmware (without paying money). When i will have
solution to sign my rescue tools (CD, USB, PXE, etc)… Something as gpg.
But with this is another problem - if i will can sign my things, then
attacker will can do it too.

Or i will need to buy every some time new sign for 99$. But what if
attacker will buy sing for 99$? Where is the security?

-- 
Slavko
http://slavino.sk

Attachment: signature.asc
Description: PGP signature

Reply to: