by nneonneo 2759 days ago
Serious question - how well does UEFI secure boot protect against an attacker with a high degree of physical access to the machine? Online docs focus mostly on the software/firmware security but less on the hardware side. Is hardware security specified, or left up to individual vendors?
1 comments

> how well does UEFI secure boot protect against an attacker with a high degree of physical access to the machine?

Everything is relative.

When enabled, what Secure Boot ensures is that only boot media signed by a trusted key (which, unless user-replaced, is typically the vendor-provided key that trusts MS Windows and common Linux distros) can be booted.

This guarantees that the base OS and kernel booted by the machine can be trusted to not be tampered with by untrusted parties. That is, the most important part of the OS is protected against malicious modifications and attacks by the firmware.

However, if this is the only security measure you have, there is nothing preventing a physical attacker from extracting the drive into another machine, and on this machine modifying non-boot-related OS files to introduce a backdoor or trojan, and then putting the drive back into the original machine.

You will then boot a trusted kernel, which later on may load malicious code. Secure boot alone does not protect against a scenario like this.

But if you use Secure Boot together with BitLocker, LUKS or other full-disk encryption solutions, you should be reasonably secure, even against physical attackers.

Basically Secure Boot is not a full security solution, but it is the base which you need for a fully trusted, tamper-proof computing environment. Without it, you wouldn't know if someone is logging your password or not when unlocking the encrypted drives.
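The scenario in the comment above, as an added model that is not part of the thread: a firmware whose Secure Boot db holds the hashes of the allowed bootloader and kernel images (UEFI db entries can be certificates or SHA-256 hashes; this model uses hashes only so it needs nothing beyond the Python standard library), a drive with a root filesystem the firmware never examines, and an attacker who moves the drive to another machine and edits one non-boot file. It also goes one step past the comment, which recommends full-disk encryption: it shows the dm-verity style of closing the gap, where the trusted kernel carries the expected root-filesystem hash on its own (db-covered) command line. All names, files and image contents are constructed for the example.

```python
import hashlib
from dataclasses import dataclass


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


@dataclass
class Disk:
    # Constructed stand-in for the drive: boot-partition images and rootfs files.
    boot_images: dict  # image name -> bytes (bootloader, kernel)
    rootfs: dict       # path -> bytes (everything Secure Boot never looks at)


def rootfs_root_hash(rootfs: dict) -> str:
    """One hash over every (path, content) pair in sorted order. A flat
    stand-in for the Merkle tree dm-verity builds over a block device."""
    h = hashlib.sha256()
    for path in sorted(rootfs):
        h.update(path.encode() + b"\0" + rootfs[path] + b"\0")
    return h.hexdigest()


def build_disk() -> Disk:
    """Constructed sample system. The kernel image carries the rootfs root hash
    on its command line, so that hash is covered by the kernel's own db entry."""
    rootfs = {
        "/sbin/init": b"#!/bin/sh\nexec /bin/real-init\n",
        "/etc/ld.so.preload": b"",
    }
    kernel = (b"vmlinuz(constructed)\ncmdline: root=/dev/sda2 verity_root="
              + rootfs_root_hash(rootfs).encode())
    return Disk({"bootloader": b"grubx64.efi(constructed)", "kernel": kernel}, rootfs)


def enroll_db(disk: Disk) -> set:
    """The firmware's db: allowed images, identified by SHA-256 hash
    (assumption: hash entries only, no certificates)."""
    return {sha256(img) for img in disk.boot_images.values()}


def firmware_secure_boot(db: set, disk: Disk) -> bool:
    """Model of the firmware check: every boot-chain image must hash to a db
    entry. Nothing on the rootfs is examined, as the comment describes."""
    return all(sha256(disk.boot_images[name]) in db
               for name in ("bootloader", "kernel"))


def kernel_verifies_rootfs(disk: Disk) -> bool:
    """dm-verity-style extension: the trusted kernel refuses a rootfs whose
    root hash differs from the one on its db-covered command line."""
    expected = disk.boot_images["kernel"].split(b"verity_root=", 1)[1].decode()
    return rootfs_root_hash(disk.rootfs) == expected


def verified_boot(db: set, disk: Disk) -> bool:
    """Secure Boot plus rootfs verification, evaluated in boot order."""
    return firmware_secure_boot(db, disk) and kernel_verifies_rootfs(disk)


def evil_maid(disk: Disk) -> Disk:
    """Physical attacker with the drive in another machine: boot images left
    alone, one non-boot file edited to load a backdoor library into every
    dynamically linked process. Secure Boot alone never sees this."""
    tampered = Disk(dict(disk.boot_images), dict(disk.rootfs))
    tampered.rootfs["/etc/ld.so.preload"] = b"/lib/backdoor.so\n"
    return tampered


def evil_maid_bootkit(disk: Disk) -> Disk:
    """The attack Secure Boot does stop: swapping the kernel image itself."""
    tampered = Disk(dict(disk.boot_images), dict(disk.rootfs))
    tampered.boot_images["kernel"] = b"vmlinuz(backdoored)"
    return tampered


if __name__ == "__main__":
    disk = build_disk()
    db = enroll_db(disk)
    print("clean disk, secure boot:      ", firmware_secure_boot(db, disk))
    print("tampered rootfs, secure boot: ", firmware_secure_boot(db, evil_maid(disk)))
    print("tampered rootfs, verified:    ", verified_boot(db, evil_maid(disk)))
    print("swapped kernel, secure boot:  ", firmware_secure_boot(db, evil_maid_bootkit(disk)))
```

The firmware check passes on the tampered drive because the tampering never touched an image in the chain it verifies; the verity-style check catches it because the root hash travels inside the kernel image, so an attacker who wants to change it has to change the kernel, which the db then rejects. Full-disk encryption addresses the same gap differently: the attacker cannot read or meaningfully rewrite the files at all, but only as long as the encryption key is released to an untampered boot chain, which is exactly why the comment pairs the two.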

> Basically Secure Boot is not a full security solution

Which is what the Apple T2 chip is... which is why it is being lauded as such.

It's being presented as something revolutionary and new, while that's clearly not the case.

And it provides Apple with the means to enforce platform lock-in, not only on its mobile line of offerings, but also on their regular laptops and machines, which traditionally have been 100% open computing owned by the end users.

Which is why it is being widely criticized as unwanted, as a misfeature.