Announcement

**duby229** · 29 March 2013, 12:21 AM

And as I keep saying, we'll see.

EDIT: Oh and stuxnet was awesome btw. It was one of the coolest things I've seen. I have a lot of fondness for it.

**mjg59** · 29 March 2013, 12:28 AM

Originally posted by duby229 View Post

And as I keep saying, we'll see.

Which do you think will come first, an AppleTV 3 boot-level attack, or a generic Secure Boot vulnerability?

**duby229** · 29 March 2013, 12:38 AM

I have no idea, but I'd be willing to bet my bottom dollar that Secureboot has a larger community with more groups working towards it.

I'd say that Secureboot has more notoriety then other things. Its a more lucrative target.

**mjg59** · 29 March 2013, 12:49 AM

Originally posted by duby229 View Post

I have no idea, but I'd be willing to bet my bottom dollar that Secureboot has a larger community with more groups working towards it.

I'd say that Secureboot has more notoriety then other things. Its a more lucrative target.

You're right, it's lucrative. It's pretty much exactly as attractive as a fundamental flaw in Authenticode. Which nobody appears to have found yet, despite having had about 10 years to work on it.

**duby229** · 29 March 2013, 02:25 AM

You know just as well as I do that any hack that is found will be implementation specific. Just because a flaw might be found for Secureboot doesnt necessarily mean that the same flaw will be exposed in different implementations.

**nomadewolf** · 29 March 2013, 07:52 AM

Originally posted by mdias View Post

Humm... If you mean that the system you're trying to crack will still be usefull some millions of years in the future, then sure! You WILL crack it... one day...

Please read on cryptography before posting stuff about it. It's not as easy as it sounds, and not always breakable (in a non-bruteforce way). Brute forcing WILL break it, but not in a useful timeframe, unless you're VEEEEEEERY lucky (turns out that one of the initial iterations is the right one).

There has been systems encrypted with TrueCrypt that neither the FBI or CIA have been able to crack.

That's half my post. In the other half, i presented a viable way to achieve the same goal in a different way.
You are basically agreeing with me. I was only trying to correct some posts that say that is impossible. It's not impossible, it just takes a very long time.
Right now it's about the same as impossible, but in a few years (maybe decades), when Quantum processors are around, who knows?

**nomadewolf** · 29 March 2013, 08:02 AM

Originally posted by mjg59 View Post

Well, in practice any given implementation generally turns out to have flaws (I've certainly found flaws in specific Secure Boot implementations, and I have no doubt that there are others), and it's difficult to prove it in advance, so pointing at a specific machine and saying "This is unbreakable" would be a pretty astonishing thing to say. Having said that, the design principles behind Secure Boot itself have been incredibly heavily reviewed - it's effectively the same Authenticode system that Microsoft use for signing drivers and executables, and nobody's demonstrated an exploit against those yet despite it being one of the most attractive targets. It was easier for the Stuxnet developers to use keys that were physically stolen from hardware companies than it was to break the underlying cryptography...

No one can argue that Secure Boot offers a very high level of encryption that hard to decrypt.
Only with a brute force attack would that be viable. But it would take forever.

The problem here, and correct me if i'm wrong, is that:

There can be flawed implementations, and thus, the so advertised promise of security is lost.
Other ways, like bypassing it by using the Linuz Foundation's bootloader, can be found...

Bottom line, no matter how hard the code is to break, in the end, secure boot is not secure, and the only thing it effectivelly can lock away is Linux!!!

Secure Boot is not secure!!!
Secure Boot is not secure!!!
Secure Boot is not secure!!!

Hard to decrypt? Sure!
But...

Secure Boot is not secure!!!
Secure Boot is not secure!!!
Secure Boot is not secure!!!

**nomadewolf** · 29 March 2013, 08:07 AM

Originally posted by mjg59 View Post

An effective blacklisting mechanism?

Sure, and as I keep saying it's likely that specific implementations will fall prey to this. But a generic flaw that affects all machines with Secure Boot? I doubt it.

Already there is a way to affect most of the machines.
All one has to do is use Linux Foundation's bootloader, which is signed by Micrsoft.
Some machines may not boot it due to bugs, but most of them will certainly do it.

It's already been proven, along time ago, that Secure Boot is not secure. Wake up!

Secure Boot is not secure!!!
Secure Boot is not secure!!!
Secure Boot is not secure!!!

**mjg59** · 29 March 2013, 10:02 AM

Originally posted by nomadewolf View Post

Already there is a way to affect most of the machines.
All one has to do is use Linux Foundation's bootloader, which is signed by Micrsoft.
Some machines may not boot it due to bugs, but most of them will certainly do it.

How do you use the Linux Foundation bootloader to boot malware without the user's knowledge?

**bridgman** · 29 March 2013, 10:23 AM

Put a post somewhere on an internet forum telling people they can get 5% better graphics performance by loading <xxx> using the bootloader, that they should expect the following warning messages, and that they should ignore them all

Announcement

Linux Group Files Complaint With EU Over SecureBoot

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment