* [gentoo-user] Heads up for those who use grub2
@ 2015-12-19 17:57 Mick
2015-12-19 21:06 ` [gentoo-user] " Grant Edwards
2015-12-19 22:30 ` [gentoo-user] " Bertram Scharpf
0 siblings, 2 replies; 4+ messages in thread
From: Mick @ 2015-12-19 17:57 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: Text/Plain, Size: 96 bytes --]
http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html
--
Regards,
Mick
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 473 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* [gentoo-user] Re: Heads up for those who use grub2
2015-12-19 17:57 [gentoo-user] Heads up for those who use grub2 Mick
@ 2015-12-19 21:06 ` Grant Edwards
2015-12-19 21:43 ` Rich Freeman
2015-12-19 22:30 ` [gentoo-user] " Bertram Scharpf
1 sibling, 1 reply; 4+ messages in thread
From: Grant Edwards @ 2015-12-19 21:06 UTC (permalink / raw
To: gentoo-user
On 2015-12-19, Mick <michaelkintzios@gmail.com> wrote:
> http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html
If somebody can touch your computer while it's booting, the game's
over anyway...
--
Grant
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [gentoo-user] Re: Heads up for those who use grub2
2015-12-19 21:06 ` [gentoo-user] " Grant Edwards
@ 2015-12-19 21:43 ` Rich Freeman
0 siblings, 0 replies; 4+ messages in thread
From: Rich Freeman @ 2015-12-19 21:43 UTC (permalink / raw
To: gentoo-user
On Sat, Dec 19, 2015 at 4:06 PM, Grant Edwards
<grant.b.edwards@gmail.com> wrote:
> On 2015-12-19, Mick <michaelkintzios@gmail.com> wrote:
>
>> http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html
>
> If somebody can touch your computer while it's booting, the game's
> over anyway...
>
Actually, not necessarily, though there is still room to go.
With a TPM-backed full disk encryption scheme you can basically
prevent most attacks based on physical control. If you were to go a
step further and secure RAM and bus IO (we're not quite there yet) you
could probably make almost any hardware attack completely impractical.
If you have TPM-backed encryption and you assume the software itself
is secure then to attack it you're going to have to actually intercept
data off the bus, or from RAM. You certainly can't just install some
rootkit by booting from alternate media, or remove the drives and
attack them from another device you control. That is, unless you
defeat the TPM, which is certainly within the realm of the laws of
physics, but in practice everything about a TPM's design is intended
to prevent that attack.
--
Rich
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [gentoo-user] Heads up for those who use grub2
2015-12-19 17:57 [gentoo-user] Heads up for those who use grub2 Mick
2015-12-19 21:06 ` [gentoo-user] " Grant Edwards
@ 2015-12-19 22:30 ` Bertram Scharpf
1 sibling, 0 replies; 4+ messages in thread
From: Bertram Scharpf @ 2015-12-19 22:30 UTC (permalink / raw
To: gentoo-user
Hi,
On Saturday, 19. Dec 2015, 17:57:33 +0000, Mick wrote:
>
> http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html
Decrementing an unsigned int without checking it for zero is
a real boner. Where things like that happen, you will find
more flaws.
Bertram
--
Bertram Scharpf
Stuttgart, Deutschland/Germany
http://www.bertram-scharpf.de
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2015-12-19 22:31 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-12-19 17:57 [gentoo-user] Heads up for those who use grub2 Mick
2015-12-19 21:06 ` [gentoo-user] " Grant Edwards
2015-12-19 21:43 ` Rich Freeman
2015-12-19 22:30 ` [gentoo-user] " Bertram Scharpf
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox