:: Re: [DNG] UEFI Secure Boot workarou…
Página Inicial
Delete this message
Reply to this message
Autor: Arnt Gulbrandsen
Data:  
Para: dng
Assunto: Re: [DNG] UEFI Secure Boot workaround?
Simon Hobson writes:
> Isn't it the bootloader that UEFI loads and runs, and as long
> as the bootloader (Grub) is signed, then UEFI should boot it and
> grub can boot anything you want. Kind of blasts the argument
> that secure boot is either essential or secure out of the water
> when you can sign one bit of "insecure"* code and have it load
> anything.


I wonder if you misunderstand, perhaps...

I have a linux laptop with data you shouldn't access. You may assume it's
sensibly configured (secure boot, luks, etc, but standard hardware, no
epoxy). Can you explain to me how you would evade its security? I'm not
interested in how I could misconfigure it, because I'm not worried about
attacks by myself. Assuming I configured it sensibly, how would you either
access the data or install password-sniffing software?

Arnt