Collaborate Disseminate
My Dell XPS 9310 has secure boot enabled and the BIOS is up to date and there are no manual keys added there.
Can I download a ubuntu .ISO from anywhere and flash into any computer without worrying about malwares? Will it boot the USB driv… Continue reading Do I need to verify a .ISO before flashing, if my laptop has secure boot?
I have searched online, but have not been able to find anything about this.
I understand the PKFail can compromise the boot process by allowing a signed key to sign malware to insert into the UEFI, and I can understand that this can compro… Continue reading Does Bitlocker provide a degree of protection from PKFail?
A vulnerability dubbed PKfail can allow attackers to run malicious code during the boot process, which can be used to deliver UEFI bootkits.
The post PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models appeared first on Secur… Continue reading PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models
SecureBoot uses a PKI path to verify particular signed bootloader binaries before it runs these binaries. This PKI, as far as I understand, is basically owned by Microsoft, meaning that only Microsoft can sign binaries that will run on Sec… Continue reading Is the ability to use Machine Owner Keys effectively a bypass of SecureBoot security?
Are PUFs used, EVERY time we power on the computer, to verify that nothing have been tampered (by using CRP authentication)?
Which element performs this authentication? (bios, secureboot, I don’t know)?
Where are CRPs stored? In which ele… Continue reading Is EVERY time we power on the computer verified that nothing have been tampered via PUF CRP authentication? By which component? Where are CRPs stored?
Are PUFs used, EVERY time we power on the computer to verify that nothing has been tampered with (by using CRP authentication)?
Which element performs this authentication? (bios, secureboot, I don’t know)?
Where are CRPs stored? In which … Continue reading Is PUF Challenge-Response Authentication applied on every power-up event? [closed]
Apologies if any of these questions have been answered previously. Also, apologies for the sheer number of questions asked here. I’ve done some digging, and have been unable to find a good resource that goes into a little more depth on how… Continue reading The Boot Process – Sequence of Events, Boot Integrity Checks, and BitLocker OS Volume Encryption
Linux has a shim problem. Which naturally leads to a reasonable question: What’s a shim, and why do we need it? The answer: Making Linux work wit Secure Boot, and …read more Continue reading This Week in Security: Broken Shims, LassPass, and Toothbrushes?
Suppose you need a laptop repair, so you bring it to
A big box store where you have some sort of coverage (who will have the computer for 2-3 weeks)
A small chain of repair shops
a small independent repair shop
All in the United States. … Continue reading Laptop Repair vs. Evil Maid
I have an ASUS computer that I use strictly for booting Tails OS from a USB. A few weeks ago I went into the BIOS and noticed that secure boot was disabled.
This computer has secure boot enabled by default. The chances of me having done th… Continue reading Secure boot disabled for Potential BIOS compromise on Tails OS machine