Questions tagged [boot]

"Booting" is the process of starting up a computer from the OFF state. This tag is for attacks and security measures relating to the startup routine of computer hardware, firmware, or operating systems.

96 questions
3
votes
3 answers

Will converting an MBR disk to GPT, formatting and then converting back to MBR remove an infected boot record?

Will converting an MBR disk to GPT, formatting and then converting back to MBR remove an infected boot record? I am looking into writing a little program that will take a connected USB with an MBR infection and convert it to GPT and then format it…
Plisken
  • 133
  • 3
3
votes
1 answer

How does Android prevent me from installing custom system services?

I am trying to understand the secure boot process. Let's say the firmware is locked and only does signed installation of an OS image. This "image" is a compressed bundle of all the binaries needed by the system. So once these are installed they are…
user220201
  • 893
  • 9
  • 22
3
votes
1 answer

Windows Secure Boot compromise: are fully-patched PCs vulnerable?

Are fully-patched (as of Aug. 10, 2016) Windows installs vulnerable to allowing self-signed early-boot malware to run because of this? If so, which versions of Windows are vulnerable? What in blazes is going on with this thing, technically?…
mostlyinformed
  • 2,715
  • 16
  • 38
3
votes
1 answer

How do boot-sector viruses propagate?

I'm doing research on various malware and I came across boot-sector viruses. Kaspersky states that "they are not designed to infect removable media." My question is, how do they spread then? Again quoting Kaspersky, "Boot sector computer viruses are…
DrDoom
  • 445
  • 1
  • 5
  • 12
3
votes
1 answer

What's the point of encrypting /boot or / partition?

I'm not talking about full disk hardware encryption. I'm talking about software encryption. Encrypting /home prevents your data after your laptop is stolen. As far as I understand, encrypting / and /boot is supposed to protect against running…
piotrek
  • 269
  • 1
  • 8
3
votes
1 answer

Can the Windows Remote Procedure Call subsystem be modified from the default without causing Windows 8/8.1/10 to break?

This is a question that personally as a security professional has bugged me for a long time. So, a default Windows installation, from XP up to 10, typically has a few services listening on the quad-zero (0.0.0.0 for those that might be less familiar…
2
votes
1 answer

Prevent cold boot attack on running laptop by overwriting RAM

I'd like to use my laptop as a recording device when I leave home, but there would still be the possibility for a cold boot attack or with DDR3 RAM even warm boot attack is possible as I have read. Could one overwrite RAM before leaving the laptop…
2
votes
1 answer

Securely erasing USB flash drives from a bootable media

My question refers to securely erasing viruses from the USB flash drives, including the MBR, in case there is one. I was thinking of booting with Linux from a closed CD-R (a CD rather than USB flash drive because of the possibility of a virus…
user288528
  • 21
  • 1
2
votes
1 answer

How do you boot from the network using https?

How do you boot a Linux live image from a CDN using Https as boot protocol? The reason for netbooting using a CDN would be to start fresh with a non persistent operating system image. Booting fresh via the network should make it harder to persist…
Christian
  • 265
  • 1
  • 3
2
votes
1 answer

Are there any Linux distributions with enabled TPM2 and full disk encryption setups?

I have been searching the web to find a Linux distribution, preferably a rolling release one as I'm otherwise hooked on the concepts in Arch Linux, with automated steps to set up full disk encryption (including the boot partition) using the TPM2…
tirithen
  • 121
  • 4
2
votes
1 answer

Understanding Secure Boot

I'm trying to understand the secure boot process of an OS but there are a few points I can't wrap my head around. At a high level, afaik, secure boot ensures that the loaded OS is authenticated by its respective vendor. If an adversary modifies the OS…
2
votes
1 answer

Is it a security concern to publish the current boot_id?

On Linux, a machine comes with a machine_id. From the man page, it is said to be considered as "confidential" and must not be exposed to untrusted parties. Should the boot_id (from /proc/sys/kernel/random/boot_id) also be considered "confidential"…
solsTiCe
  • 201
  • 2
  • 8
2
votes
1 answer

What can a compromised firmware (UEFI) do after the hard-disk has been wiped?

I might be mistaken, but it seems the firmware (UEFI) needs to load some stuff from the disk to be able to do anything really interesting, like loading some advanced tools or loading the OS. Yet firmware infections are often associated with the…
reed
  • 15,398
  • 6
  • 43
  • 64
2
votes
2 answers

What program can Decrypt a specific Folder/Files during Windows Boot/Loading? (Windows)

I've been looking into Encryption of my data for some time now; I've decided to move ahead with VeraCrypt for encrypting all of my partitions (I have 2 disks in 1 laptop) except for the OS (C:) partition. (Reason being, I don't want to risk the…
2
votes
1 answer

Why are PINs required on boot on devices with fingerprint readers?

Both my iPad and my Android phone are configured to allow access via either a PIN, or a fingerprint scan. However, immediately after a reboot, neither device allows a fingerprint for the first unlock; the PIN is required instead. Both devices state…
Jason C
  • 251
  • 2
  • 16