LSS: Secure Boot

Posted Sep 21, 2012 5:24 UTC (Fri) by mjg59 (subscriber, #23239)
In reply to: LSS: Secure Boot by raven667
Parent article: LSS: Secure Boot

No, if you can launch a sufficiently convincing hypervisor from within Linux then you can win. As yet I haven't seen any examples of a sufficiently convincing hypervisor, but I look forward to seeing what people come up with.

LSS: Secure Boot

Posted Sep 21, 2012 13:18 UTC (Fri) by raven667 (subscriber, #5198) [Link]

I suppose one could make it deliberately difficult to make such subterfuge difficult to be convincing by including splash screens or other visual indicators of what is going on. There is also the fact that such an attack will have to carry around a lot of code, tens of megabytes or more, making it unwieldy in many environments.

LSS: Secure Boot

Posted Sep 21, 2012 23:08 UTC (Fri) by nix (subscriber, #2304) [Link]

I doubt it needs to be very convincing to convince enough people to be useful to attackers. Heck, the less convincing it is the better it may be for them -- as with Nigerian scams, it helps their marks self-select for stupidity.