Difference between revisions of "Security"
From coreboot
(Start a security page.) |
|||
| Line 1: | Line 1: | ||
This page explains how coreboot can help with various security aspects of your system, compared to closed-source, legacy BIOS/EFI/firmware implementations. | This page explains how coreboot can help with various security aspects of your system, compared to closed-source, legacy BIOS/EFI/firmware implementations. | ||
| − | = | + | <div style="color:red">This page is work in progress!</div> |
== RAM wiping == | == RAM wiping == | ||
| + | |||
| + | * http://citp.princeton.edu/memory/ | ||
| + | * [[Coreinfo]] as demo payload for coreboot, [http://www.coreboot.org/images/3/3d/Coreinfo_ramdump.jpg showing your RAM contents after a cold boot]. | ||
== SMI issues == | == SMI issues == | ||
| + | |||
| + | * http://www.ssi.gouv.fr/fr/sciences/fichiers/lti/cansecwest2006-duflot.pdf | ||
| + | * http://tracker.coreboot.org/trac/coreboot/ticket/42 | ||
== ATA issues == | == ATA issues == | ||
| + | |||
| + | * http://coreboot.org/pipermail/coreboot/2005-May/011686.html | ||
| + | * http://www.heise.de/ct/english/05/08/172/ | ||
== BIOS password feature == | == BIOS password feature == | ||
| + | |||
| + | * [[Bayou]] / [[coreinfo]] based "BIOS password" feature, using SHA-1 hashes stored in NVRAM or the (flash) ROM chip. | ||
== Firewire issues == | == Firewire issues == | ||
| + | |||
| + | * http://md.hudora.de/presentations/firewire/ | ||
| + | * http://www.hermann-uwe.de/blog/physical-memory-attacks-via-firewire-dma-part-1-overview-and-mitigation | ||
| + | |||
| + | == TPM issues == | ||
| + | |||
| + | * http://tracker.coreboot.org/trac/coreboot/ticket/49 | ||
Revision as of 20:58, 19 October 2008
This page explains how coreboot can help with various security aspects of your system, compared to closed-source, legacy BIOS/EFI/firmware implementations.
This page is work in progress!
Contents |
RAM wiping
- http://citp.princeton.edu/memory/
- Coreinfo as demo payload for coreboot, showing your RAM contents after a cold boot.
SMI issues
- http://www.ssi.gouv.fr/fr/sciences/fichiers/lti/cansecwest2006-duflot.pdf
- http://tracker.coreboot.org/trac/coreboot/ticket/42
ATA issues
- http://coreboot.org/pipermail/coreboot/2005-May/011686.html
- http://www.heise.de/ct/english/05/08/172/
BIOS password feature
- Bayou / coreinfo based "BIOS password" feature, using SHA-1 hashes stored in NVRAM or the (flash) ROM chip.
Firewire issues
- http://md.hudora.de/presentations/firewire/
- http://www.hermann-uwe.de/blog/physical-memory-attacks-via-firewire-dma-part-1-overview-and-mitigation
