1 |
2009/11/29 Mansour Moufid <mansourmoufid@×××××.com>:
|
2 |
> Google's new OS claims to prevent exactly this sort of attack by using |
3 |
> "custom" firmware to conduct regular checks: |
4 |
> http://www.youtube.com/watch?v=A9WVmNfgjtQ#t=2m24s |
5 |
> Apparently, the key used to check the kernel for modification is kept |
6 |
> in "read-only" firmware, along with "verifier logic" (hash test |
7 |
> cases?). If they're successful, perhaps Gentoo Hardened could adopt |
8 |
> these methods. |
9 |
Well, at least a part of that firmware should be overwritable with new hashes or otherwise I can assure you data tampering wouldn't be as dangerous as exploit using on outdated kernels.
|
10 |
|
11 |
The thing is, knowing where that firmware is you can reflash it with your new hashes so you'll foil the scheme. Of course this could take some time on a laptop (15 minutes tops) and you can be sure that somebody interested can get a replacement for the tamper proof parts.
|
12 |
|
13 |
BTW: I rather use a 1$ rubber hose. |