[Arm-netbook] Verifying firmware

Stefan Monnier monnier at iro.umontreal.ca
Thu Aug 25 05:01:48 BST 2016


> mmm... manually taking it out is cumbersome. And leaves some time
> vulnerable to remote attacks (during boot and between boot and
> removal).

Sure.  Same issue w.r.t how realistic such an attack would be compared
to the clear and obvious attacks to your freedom perpetrated in the name
of "secure boot".

> uSD cards already have a microcontroller in them. And some have been
> hacked, I think. You could design one that has a way to define a read
> only part (not like the SD cards that have that switch which only asks
> the O.S. "please don't write me" but like the microcontrolled
> answering "nah nah nah I don't hear you" when write requests to the
> specified range arrive).

Probably easier would be to make a µSd card where the little switch is
not just advisory but is "put [...] in serial to the write enable in the
EEPROM or NAND" on the card ;-)


        Stefan




More information about the arm-netbook mailing list