[Arm-netbook] Verifying firmware
Xavi Drudis Ferran
xdrudis at tinet.cat
Thu Aug 25 06:56:10 BST 2016
On Thu, Aug 25, 2016 at 12:01:48AM -0400, Stefan Monnier wrote:
> > mmm... manually taking it out is cumbersome. And leaves some time
> > vulnerable to remote attacks (during boot and between boot and
> > removal).
>
> Sure. Same issue w.r.t how realistic such an attack would be compared
> to the clear and obvious attacks to your freedom perpetrated in the name
> of "secure boot".
>
I'm not advocating for secure boot. In fact I advocate against any
form of secure boot that is not under the user's control at all times. I
also advocate against any service or content that requires secure boot
or remote attestation, even if the user could choose not to use the
service or content and not to use secure boot, or not to use certain keys.
I'm only trying not to sell something broken to those who want secure boot
under user control.
> > uSD cards already have a microcontroller in them. And some have been
> > hacked, I think. You could design one that has a way to define a read
> > only part (not like the SD cards that have that switch which only asks
> > the O.S. "please don't write me" but like the microcontroller
> > answering "nah nah nah I don't hear you" when write requests to the
> > specified range arrive).
>
> Probably easier would be to make a µSd card where the little switch is
> not just advisory but is "put [...] in serial to the write enable in the
> EEPROM or NAND" on the card ;-)
>
Yes. I only said that because SD cards have a switch and uSD cards don't
so I thought there is some mechanical difficulty in putting a switch in
a card so small.
You could put a switch in a uSD card, but that would make the whole
uSD card read only, so you would need something else for storage
space. If you can get simply a part readonly that'd be much better and
self contained.
And yes, we can live happy without secure boot.