| 1 |
2009/11/29 Mansour Moufid <mansourmoufid@×××××.com>:
|
| 2 |
> Google's new OS claims to prevent exactly this sort of attack by using |
| 3 |
> "custom" firmware to conduct regular checks: |
| 4 |
> http://www.youtube.com/watch?v=A9WVmNfgjtQ#t=2m24s |
| 5 |
> Apparently, the key used to check the kernel for modification is kept |
| 6 |
> in "read-only" firmware, along with "verifier logic" (hash test |
| 7 |
> cases?). If they're successful, perhaps Gentoo Hardened could adopt |
| 8 |
> these methods. |
| 9 |
Well, at least a part of that firmware should be overwritable with new hashes or otherwise I can assure you data tampering wouldn't be as dangerous as exploit using on outdated kernels.
|
| 10 |
|
| 11 |
The thing is, knowing where that firmware is you can reflash it with your new hashes so you'll foil the scheme. Of course this could take some time on a laptop (15 minutes tops) and you can be sure that somebody interested can get a replacement for the tamper proof parts.
|
| 12 |
|
| 13 |
BTW: I rather use a 1$ rubber hose. |
Archives