Hacker News
by lmm 882 days ago
> Not updating DBX is the default state. Updating it is what requires effort.

Up to a point, but that's true for almost everything in software. Not updating your OS etc. is the default state, and if it's not up to date it will be full of holes. That's life.

> You're missing the point. An attacker that can write to the ESP is root on the live system right now. It can exfiltrate the contents of `/` right now. Or if it can't exfiltrate right now, it can install an OS service to do that on future boots.

If they have root on the live system then they don't need to mess around attacking secure boot at all. The point is "evil maid" style attacks where someone messes with the boot partition (and/or firmware) by booting off another device. Again, this is the whole point of Secure Boot; if you don't care about that kind of scenario then why would you ever be using secure boot at all?

1 comment
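Since the thread turns on what an up-to-date DBX actually does, here is an added example (not code from the thread or from any project mentioned in it): a small Python parser for the EFI_SIGNATURE_LIST format that the db and dbx variables use, run against a constructed dbx blob, answering "is this image digest revoked?". The sample digests and the owner GUID are constructed for the example; the only real identifiers are the UEFI signature-type GUIDs and the efivars path. One caveat a practitioner would want: dbx entries for PE images are Authenticode hashes (the PE image hash that skips the checksum and certificate table), not a plain SHA-256 over the file, so feed this the Authenticode digest of an ESP binary, not `sha256sum` output.

```python
import hashlib
import struct
import uuid

# Signature-type GUIDs from the UEFI specification.
EFI_CERT_SHA256_GUID = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")
EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")

# On Linux the live dbx is exposed here; the first 4 bytes are the
# variable attributes, the rest is a run of EFI_SIGNATURE_LIST structures.
DBX_EFIVAR_PATH = "/sys/firmware/efi/efivars/dbx-d719b2cb-3d3a-4596-a3bc-dad00e67656f"

# Layout of one EFI_SIGNATURE_LIST header:
#   SignatureType (GUID, 16) | SignatureListSize (u32) |
#   SignatureHeaderSize (u32) | SignatureSize (u32)
# followed by SignatureHeaderSize bytes of header, then N entries of
# SignatureSize bytes, each: SignatureOwner (GUID, 16) | SignatureData.
SIGLIST_HDR = 28


def parse_signature_lists(blob):
    """Return [(signature_type, owner, data)] for every entry in a
    concatenation of EFI_SIGNATURE_LISTs. Malformed sizes raise ValueError
    rather than silently skipping entries (a truncated list would otherwise
    hide revocations)."""
    entries = []
    off = 0
    while off < len(blob):
        if len(blob) - off < SIGLIST_HDR:
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        sig_type = uuid.UUID(bytes_le=blob[off:off + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", blob, off + 16)
        if list_size < SIGLIST_HDR + hdr_size or off + list_size > len(blob):
            raise ValueError("bad SignatureListSize")
        if sig_size < 16:
            raise ValueError("bad SignatureSize")
        body_start = off + SIGLIST_HDR + hdr_size
        body_end = off + list_size
        if (body_end - body_start) % sig_size != 0:
            raise ValueError("signature body is not a multiple of SignatureSize")
        for p in range(body_start, body_end, sig_size):
            owner = uuid.UUID(bytes_le=blob[p:p + 16])
            entries.append((sig_type, owner, blob[p + 16:p + sig_size]))
        off += list_size
    return entries


def build_sha256_list(digests, owner):
    """Build one EFI_SIGNATURE_LIST of SHA-256 entries (used here only to
    construct a sample dbx; real dbx updates are signed by the KEK owner)."""
    sig_size = 16 + 32
    body = b"".join(owner.bytes_le + d for d in digests)
    header = EFI_CERT_SHA256_GUID.bytes_le + struct.pack(
        "<III", SIGLIST_HDR + len(body), 0, sig_size)
    return header + body


def revoked_sha256_digests(dbx_blob):
    """Set of SHA-256 digests listed in a dbx blob (X.509 entries are ignored)."""
    return {data for t, _owner, data in parse_signature_lists(dbx_blob)
            if t == EFI_CERT_SHA256_GUID}


def is_revoked(dbx_blob, image_digest):
    """True if image_digest (an Authenticode SHA-256 for PE images) is in dbx."""
    return image_digest in revoked_sha256_digests(dbx_blob)


def read_dbx_from_efivars(path=DBX_EFIVAR_PATH):
    """Read the live dbx, stripping the 4-byte attribute prefix."""
    with open(path, "rb") as f:
        return f.read()[4:]


# Constructed sample: a hypothetical owner GUID and two revoked "images",
# split across two lists to exercise the concatenation handling.
SAMPLE_OWNER = uuid.UUID("00000000-0000-0000-0000-00000000beef")
REVOKED_A = hashlib.sha256(b"constructed bootloader A").digest()
REVOKED_B = hashlib.sha256(b"constructed bootloader B").digest()
SAMPLE_DBX = (build_sha256_list([REVOKED_A], SAMPLE_OWNER)
              + build_sha256_list([REVOKED_B], SAMPLE_OWNER))

if __name__ == "__main__":
    probe = hashlib.sha256(b"constructed bootloader C").digest()
    print("entries:", len(parse_signature_lists(SAMPLE_DBX)))
    print("A revoked:", is_revoked(SAMPLE_DBX, REVOKED_A))
    print("C revoked:", is_revoked(SAMPLE_DBX, probe))
```

On a live system, `read_dbx_from_efivars()` gives the blob to pass to `is_revoked`; an empty or near-empty result is exactly the "default state" being discussed above, and a DBX that was never updated will report nothing revoked regardless of what sits on the ESP.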

> The point is "evil maid" style attacks where someone messes with the boot partition (and/or firmware) by booting off another device.

This subthread is descended from https://news.ycombinator.com/item?id=39135275 which talks about "remote attackers". Nobody's talking about evil maid attacks.