Collaborate Disseminate
Linux has a shim problem. Which naturally leads to a reasonable question: What’s a shim, and why do we need it? The answer: Making Linux work wit Secure Boot, and …read more Continue reading This Week in Security: Broken Shims, LassPass, and Toothbrushes?
Suppose you need a laptop repair, so you bring it to
A big box store where you have some sort of coverage (who will have the computer for 2-3 weeks)
A small chain of repair shops
a small independent repair shop
All in the United States. … Continue reading Laptop Repair vs. Evil Maid
I have an ASUS computer that I use strictly for booting Tails OS from a USB. A few weeks ago I went into the BIOS and noticed that secure boot was disabled.
This computer has secure boot enabled by default. The chances of me having done th… Continue reading Secure boot disabled for Potential BIOS compromise on Tails OS machine
In my laptop I’ve set up a bios password when I power on the laptop, and once I enter it the laptop starts my linux distro and decrypts the disk without asking any other password. To do this I’ve set up TPM to automatically decrypts the di… Continue reading Why the TPM PCRs does not consider a UEFI settings change? If someone resets CMOS, it’s undetected
Apple Silicon-based Macs have a LocalPolicy file that controls the secure boot process. To prevent replay attacks of the LocalPolicy, hashes of nonces are used. From here:
The lpnh is used for anti-replay of the LocalPolicy. This is an SH… Continue reading How do nonce hashes prevent replay attacks on Apple Silicon?
As far as I’ve seen, the Secure Boot process is described like so: A firmware stored in read-only memory and therefore considered secure starts. It verifies the next software component (e.g. a bootloader), loads it and – if the check is su… Continue reading Secure Boot: Can Firmware verify every component?
This is coming from Qualcomm’s Secure Boot explanation.
https://www.qualcomm.com/content/dam/qcomm-martech/dm-assets/documents/secure-boot-image-authentication_11.30.16.pdf
Within it, it explains that each bootloader loads and verifies the… Continue reading In a secure boot bootloader chain, does a bootloader image contain the RootCA certificate of the next bootloader?
I’m trying to understand how shim is considered secure.
Shim is a signed bootloader that allows to load any image (at a fixed path in the EFI System Partition) as long as its hash is added to a MOK (machine owner’s key) list, which is stor… Continue reading Is shim secure if new MOK entried can be added without a password?
As far as I understand, Secure Boot protects system from running code not signed by a specific vendor(s) during early boot stages.
In order to attempt an attack on the bootloader in the first place, an attacker would need either:
Boot fr… Continue reading What does Secure Boot protect against?
it seems state of the art that the autmotive electronical Control units (ECUs) contain security features as Secure Flashing and Secure Boot. For secure flashing, each new software to be programmed is verified by performing signature verifi… Continue reading Why is Secure Boot in an ECU required when there is Secure Flashing capabilities?