Questions tagged [boot]

"Booting" is the process of starting up a computer from the OFF state. This tag is for attacks and security measures relating to the startup routine of computer hardware, firmware, or operating systems.

96 questions
5 votes, 1 answer

Lighteater - BIOS/UEFI vulnerable

I am currently a bit confused. Today I read an article about the BIOS rootkit Lighteater made by John Loucaides and Andrew Furtaki. In their presentation 'How many million BIOSes would you like to infect?' they explain what they have done. They…
Greeneco
5 votes, 1 answer

Self-encrypting drives, certification for tamper-protection?

Consider a drive with Opal 2.0 support that works with Microsoft BitLocker's "eDrive" feature. In this case, supposedly, the encryption key never leaves the disk (which might increase security, although the RAM of the machine obviously needs to have…
MichaelGG
5 votes, 2 answers

Impact of Matthew Garrett's Secure GRUB Bootloader on UEFI Secure Boot

My eyebrows rose with Matthew Garrett announcing his Secure GRUB Bootloader less than three hours after no longer being a Red Hat employee. This work and its impact on the trust chain design of the UEFI secure boot now being implemented on Windows…
zedman9991
5 votes, 2 answers

Securing Ubuntu bootloader using TPM

I am currently working with Ubuntu 16.04, with an Intel CPU that supports a TPM2 module. I am trying to harden my boot-loader. I tried using the trustedgrub2 fork that supports TPM2; I understand that trustedgrub2 currently does not support UEFI BIOS so…
mmelamud
5 votes, 2 answers

Is Secure Boot really Secure?

I found the concept of Secure Boot quite intriguing. I can't say that I know much about it, because I don't, but I believe I understand the main concept of it. Secure Boot verifies the signature of the executable the computer is booting. (Usually, the…
ChrisK
5 votes, 1 answer

Full disk encryption on dual boot system (Truecrypt/Veracrypt)

I am looking to run my laptop system with a dual boot configuration (Fedora + Windows) with full disk encryption. I have a laptop that I will be bringing with me while traveling, both domestically and abroad. For obvious reasons, I would like to…
enpaul
5 votes, 4 answers

VeraCrypt - Windows boots Automated Repair on UEFI/GPT

OK. So I used VeraCrypt to encrypt the system partition and now Windows boots its automated repair only. After the repair in what I think is Windows Recovery Environment I can choose to boot off USB and THERE I can choose to boot the VeraCrypt…
daerragh
5 votes, 1 answer

Is TPM ownership required for secure boot or measured boot?

I know: Secure Boot - can use the TPM; Measured Boot - must use the TPM. Can anyone intimately familiar with these processes explain if any TPM owner-authorized commands are required or used in these processes? Background: I am using a TPM in an…
Wilbur Whateley
4 votes, 2 answers

Securing the bootloader

When using full disk encryption the bootloader is not encrypted thus allowing attacks like the Evil Maid. My question is how can I secure myself from this? Can I encrypt the drive or store it in a USB? BTW: There is no more news about the NSA HDD…
Mark
4 votes, 2 answers

Preventing boot from external media in case of theft of laptop or physical security breach in case of desktops?

I wanted to protect my Laptop from common theft. What I did was that I installed an anti-theft software on my Ubuntu 14.04. The guest account is enabled so that the thief can use my laptop while I track him down. Then as a honey-pot, I installed…
daltonfury42
4 votes, 1 answer

Why does openSUSE sporadically prompt during boot to trust its built-in certificate?

The conundrum: My wife’s laptop has been running openSUSE Leap 15.0 for several years, and she has once or twice been flummoxed by this prompt at the very beginning of the boot sequence, most recently this morning: "Trust openSUSE Certificate. Do you…
PJTraill
4 votes, 2 answers

Detect changes in /boot when using full disk encryption

When running a fully encrypted Linux system using dm-crypt, the /boot partition has to be unencrypted to boot, as far as I know. I've set up a server that can be unlocked remotely by connecting to a pre-boot ssh server that is running from…
Peter Meyer
3 votes, 0 answers

Does Windows 8 UEFI Trusted Boot protect SSDT table from modification?

I read from a link that says: Trusted Boot takes over where Secure Boot leaves off. The bootloader verifies the digital signature of the Windows 8 kernel before loading it. The Windows 8 kernel, in turn, verifies every other component of the…
Jos8ph
3 votes, 2 answers

How to protect Linux partition from access from Windows partition?

In a dual-boot environment (windows? and linux mint 15), what would be the best way to prevent access to the Linux partition(s) when the system is booted into Windows 7? The goal would be to prevent Windows malware from modifying the contents of…
user13779
3 votes, 2 answers

Is there a reliable way to simulate "Evil Maid Attack" boot path tampering when using BitLocker?

Suppose you have a system whose OS drive is encrypted with BitLocker and uses TPM + PIN authentication to authenticate the boot path against tampering. As I understand it, this setup theoretically protects against bootkits that otherwise could…
alx9r