Garrett: Why UEFI secure boot is difficult for Linux

Posted Jan 18, 2012 21:30 UTC (Wed) by elanthis (guest, #6227)
In reply to: Garrett: Why UEFI secure boot is difficult for Linux by stumbles
Parent article: Garrett: Why UEFI secure boot is difficult for Linux

You are missing a serious part of the picture here. SecureBoot by itself just secures the OS kernel. An OS supporting SecureBoot is expected to use the Trusted Computing modules to protect runtime services and Administrator-level processes. The end result is that even if you get a virus somehow that gets into the kernel, you can just reboot into Safe Mode and clean it out safely. Without Secure Boot, you can't trust any of the other security measures to still be effective, so the only recourse after a compromise is to wipe everything and reinstall from scratch on new hardware with clean firmware. Which can range from "annoying" to "prohibitively f**king time consuming and expensive."

All security is just risk management. Nothing makes you 100% safe, but you can take steps to make yourself safer than you were before. By your logic, we might as well remove security levels, passwords, sandboxes, and firewalls, since none of those actually stop a dedicated hacker from getting into your systems. Obviously you don't believe that because you know that they add some value and reduce risks. SecureBoot is just another small step that reduces those risks a little bit more.


Garrett: Why UEFI secure boot is difficult for Linux

Posted Jan 18, 2012 23:11 UTC (Wed) by stumbles (guest, #8796)

Or boot off a live CD and go about your business.

Garrett: Why UEFI secure boot is difficult for Linux

Posted Jan 19, 2012 7:39 UTC (Thu) by ekj (guest, #1524)

That *is* a form of secure boot: It works if you're absolutely certain that the code that starts the computer, reads in the boot-block on the CD-ROM and executes it, does so in a secure manner and could not be subverted.

If there's a possibility that this code is subverted, all bets are off.

Garrett: Why UEFI secure boot is difficult for Linux

Posted Jan 19, 2012 13:53 UTC (Thu) by drag (subscriber, #31333)

Also if your boot loader checks the signature on the kernel and the initrd then you can use the initrd to verify the rest of your system using file-based IDS.

This has the advantage over a live CD system in that it's automatable and is easier for the OS vendor to support.
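A minimal model of the scheme drag describes, as an added example that is not part of this thread or of any project's code: the boot loader's signature checks on the kernel and initrd are assumed to have already passed, and the verified initrd carries a pinned digest of a file-hash manifest that it then uses as a file-based IDS over the root filesystem. The signature step itself is not implemented (the pinned digest stands in for it), and the filesystem contents, paths and the tampered state are all constructed for the example.

```python
import hashlib

# Constructed in-memory root filesystem standing in for the real disk.
ROOT_FS = {
    "/sbin/init": b"#!/bin/sh\nexec /lib/systemd/systemd\n",
    "/etc/passwd": b"root:x:0:0:root:/root:/bin/sh\n",
    "/usr/bin/login": b"\x7fELF constructed stand-in for a login binary",
}

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_manifest(fs: dict) -> dict:
    """IDS baseline: path -> SHA-256 of the file's contents."""
    return {path: sha256(data) for path, data in fs.items()}

def manifest_digest(manifest: dict) -> str:
    """Digest of the canonical manifest text. In the scheme described above this
    value would be embedded in the signed initrd, so the boot loader's signature
    check on the initrd transitively covers the whole baseline (assumption)."""
    canon = "\n".join(f"{p} {h}" for p, h in sorted(manifest.items()))
    return sha256(canon.encode())

def check_filesystem(fs: dict, manifest: dict, pinned_digest: str) -> list:
    """The initrd-side check: reject a manifest that does not match the digest
    pinned in the verified initrd, then compare every file against it."""
    if manifest_digest(manifest) != pinned_digest:
        return ["MANIFEST_REJECTED"]
    findings = []
    for path, expected in sorted(manifest.items()):
        if path not in fs:
            findings.append(f"MISSING {path}")
        elif sha256(fs[path]) != expected:
            findings.append(f"MODIFIED {path}")
    for path in sorted(fs):
        if path not in manifest:
            findings.append(f"UNEXPECTED {path}")
    return findings

# Baseline taken from the known-good image; the digest is what the initrd pins.
MANIFEST = build_manifest(ROOT_FS)
PINNED_DIGEST = manifest_digest(MANIFEST)

def tampered_fs() -> dict:
    """Constructed post-compromise state: init replaced, a file dropped in /tmp."""
    fs = dict(ROOT_FS)
    fs["/sbin/init"] = b"#!/bin/sh\nexec /tmp/.x\n"
    fs["/tmp/.x"] = b"constructed unexpected file"
    return fs
```

Because the manifest is checked against the digest pinned in the verified initrd before any file is compared, an attacker who can rewrite the root filesystem cannot simply update the baseline to match.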

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds