> Cryptography only works in transit. If you are in control of one of the endpoints of a communication, Cryptography is NOTHING.

This is a valid argument against restricted boot, but not so much against secure boot. The intention of restricted boot is to make sure that only the OS vendor controls the OS being run, and prevent the computer owner from choosing an OS. You're right that with physical control the user can probably win (although I can still imagine designs that involve writing everything in Coq and then epoxying the motherboard, or something).
But secure boot is intended to place the computer owner and the hardware vendor in control of the device, and keep malware away. The attacks people are worried about are boot sector _viruses_ (which have been around since the late '80s, btw; it's only with UEFI that we can do something meaningful about them). This involves a third party with access to your boot medium -- anything from a trojanned download of an Ubuntu CD, to a curious-looking thumbdrive lying around a conference. Here the attacker does not have control of the endpoint, until such time as they get code executing. Secure boot is intended to make sure the attacker's code never executes. So the cryptosystem is sound.