Highest Voted 'uefi' Questions - IT Security Stack Exchange

5

votes

1 answer

Lighteater - BIOS/UEFI vulnerable

I am currently a bit confused, I have read today an article about the BIOS-rootkit Lighteater made by John Loucaides and Andrew Furtaki. In their presentation 'How many million BIOSes would you like to infect?' they explain what they have done. They…

asked Mar 24 '15 at 18:05

Greeneco

163
5

5

votes

2 answers

Impact of Mathew Garrett's Secure GRUB Bootloader on UEFI Secure Boot

My eyebrows rose with Matthew Garrett announcing his Secure GRUB Bootloader less than three hours after no longer being a Red Hat employee. This work and its impact on the trust chain design of the UEFI secure boot now being implemented on Windows…

linux boot uefi grub

asked Dec 01 '12 at 14:41

zedman9991

3,377
15
22

5

votes

2 answers

Is Secure Boot really Secure?

I found the concept of Secure Boot quite intriguing. I can't say that I know much about it because I don't but I believe I understand the main concept of it. Secure Boot verifies the signature of the executable the computer is booting. (Usually, the…

boot uefi

asked Mar 03 '18 at 20:50

ChrisK

137
2
8

5

votes

4 answers

VeraCrypt - Windows boots Automated Repair on UEFI/GPT

OK. So I used VeraCrypt to encrypt the system partition and now Windows boots its automated repair only. After the repair in what I think is Windows Recovery Environment I can choose to boot off USB and THERE I can choose to boot the VeraCrypt…

encryption disk-encryption boot veracrypt uefi

asked Sep 30 '16 at 10:42

daerragh

81
1
1
7

5

votes

1 answer

Is TPM ownership required for secure boot or measured boot?

I know: Secure Boot - can use the TPM Measured Boot - must use the TPM Can anyone intimately familiar with these processes explain if any TPM owner-authorized commands are required or used in these processes? Background: I am using a TPM in an…

trusted-computing tpm boot uefi

asked Feb 23 '16 at 01:02

Wilbur Whateley

588
6
12

4

votes

4 answers

UEFI and security implications for encryption

After my old PC kicked the bucket I now own my first UEFI board and I am already having trust issues. I utilized Truecrypt's system encryption for years now and really got used to it. My new board has no legacy boot option but supports legacy…

encryption disk-encryption truecrypt uefi

asked Jun 20 '15 at 07:00

RainerW

41
2

4

votes

1 answer

Investigating HP sure start triggering security warnings

The following question belongs more to the HP forums but unfortunately I am not gaining any traction there. Please move the question to another SE if its off topic for this community. Recently I've started receiving the following BIOS interruption &…

ubuntu bios uefi hp

asked Oct 14 '20 at 09:25

Jernej

61
1
6

4

votes

1 answer

Why does openSUSE sporadically prompt during boot to trust its built-in certificate?

The conundrum My wife’s laptop has been running openSUSE Leap 15.0 for several years, and she has once or twice been flummoxed by this prompt at the very beginning of the boot sequence, most recently this morning: Trust openSUSE Certificate Do you…

certificates linux boot uefi

asked Sep 17 '20 at 08:55

PJTraill

143
7

4

votes

2 answers

Are UEFI motherboards software flashable? If so, is there any way to prevent it?

I have the idea that many UEFI motherboards are software flashable. For example, Gigabyte's flashing instructions for their motherboards describes a "A Windows-based BIOS live update utility" which would appear to just run as application software on…

uefi

asked Jan 25 '17 at 16:32

Tyler Durden

1,116
1
9
18

3

votes

2 answers

UEFI secure boot and rootkits

I heard that with UEFI secure boot enabled a custom kernel module that is not signed will not run, hence a rootkit might be difficult to install. Can a secure boot really block rootkit modules from being installed or is it just capable of blocking…

linux rootkits uefi

asked Oct 14 '14 at 09:39

Kevin Parker

197
1
10

3

votes

0 answers

Does Windows 8 UEFI Trusted Boot protect SSDT table from modification?

I read from a link that says: Trusted Boot takes over where Secure Boot leaves off. The bootloader verifies the digital signature of the Windows 8 kernel before loading it. The Windows 8 kernel, in turn, verifies every other component of the…

rootkits windows-8 boot uefi driver

asked Sep 16 '13 at 07:37

Jos8ph

31
2

3

votes

1 answer

Secure boot after an OTA update confusion

My understanding is that secure boot works by verifying each stage in the boot process before proceeding. So first, UEFI or booting firmware will validate the signature of the bootloader, then kernel, applications etc. before loading. When an OTA…

tpm code-signing updates uefi secure-boot

asked Mar 14 '22 at 05:14

Engineer999

257
1
8

3

votes

3 answers

Can BIOS/UEFI change OS code?

I know that the OS is the boss of programs (once OS is loaded). Is BIOS/UEFI the boss of the everything before OS is loaded? Can an OS be a sitting duck for any BIOS/UEFI related malware? In other words, can BIOS/UEFI delete or modify OS and other…

operating-systems bios uefi

asked Aug 21 '18 at 10:47

humble_wolf

169
5

3

votes

1 answer

Windows Secure Boot compromise: are fully-patched PCs vulnerable?

Are fully-patched (as of Aug. 10, 2016) Windows installs vulnerable to allowing self-signed early-boot malware to run- because of this ? If so, which versions of Windows are vulnerable. What in blazes is going on with this thing, technically?…

windows trusted-computing boot uefi trusted-boot

asked Aug 11 '16 at 07:25

mostlyinformed

2,715
16
38

3

votes

3 answers

EFI: encrypt ESP

I wonder if it possible to encrypt an EFI system partition (ESP)? I would like to set up a virtual machine (VirtualBox) using EFI as boot manager which is supported by the used OS (archlinux). Is there a way to encrypt the boot partition (ESP) using…

uefi dm-crypt

asked Jul 05 '16 at 10:20

maxik

133
2
6

Questions tagged [uefi]