[Ksummit-2012-discuss] [ATTEND] ACPI, UEFI, kernel security

Matthew Garrett mjg59 at srcf.ucam.org
Wed Jun 27 20:09:29 UTC 2012


On Wed, Jun 27, 2012 at 04:05:33PM -0400, Steven Rostedt wrote:

> Let me get this straight though. The worry is that an attacker can take
> the Ubuntu signed boot loader, place a infected payload on it, and then
> inject this boot loader and malware to boot an infected Windows, right?

Yes.

> Now, if the only boot loader that Ubuntu gets signed, has a splash
> screen that shows a big screen Ubuntu logo for a few seconds before
> booting, I think the user would know something is funny the next time
> they reboot their box. That is, this malware won't get there totally
> silently.

Not so effective for headless systems. But yes, more clarity here would 
help a great deal.

-- 
Matthew Garrett | mjg59 at srcf.ucam.org


More information about the Ksummit-2012-discuss mailing list