Difference between revisions of "Security"

From coreboot
Jump to: navigation, search
(Start a security page.)
 
Line 1: Line 1:
 
This page explains how coreboot can help with various security aspects of your system, compared to closed-source, legacy BIOS/EFI/firmware implementations.
 
This page explains how coreboot can help with various security aspects of your system, compared to closed-source, legacy BIOS/EFI/firmware implementations.
  
== Introduction ==
+
<div style="color:red">This page is work in progress!</div>
  
 
== RAM wiping ==
 
== RAM wiping ==
 +
 +
* http://citp.princeton.edu/memory/
 +
* [[Coreinfo]] as demo payload for coreboot, [http://www.coreboot.org/images/3/3d/Coreinfo_ramdump.jpg showing your RAM contents after a cold boot].
  
 
== SMI issues ==
 
== SMI issues ==
 +
 +
* http://www.ssi.gouv.fr/fr/sciences/fichiers/lti/cansecwest2006-duflot.pdf
 +
* http://tracker.coreboot.org/trac/coreboot/ticket/42
  
 
== ATA issues ==
 
== ATA issues ==
 +
 +
* http://coreboot.org/pipermail/coreboot/2005-May/011686.html
 +
* http://www.heise.de/ct/english/05/08/172/
  
 
== BIOS password feature ==
 
== BIOS password feature ==
 +
 +
* [[Bayou]] / [[coreinfo]] based "BIOS password" feature, using SHA-1 hashes stored in NVRAM or the (flash) ROM chip.
  
 
== Firewire issues ==
 
== Firewire issues ==
 +
 +
* http://md.hudora.de/presentations/firewire/
 +
* http://www.hermann-uwe.de/blog/physical-memory-attacks-via-firewire-dma-part-1-overview-and-mitigation
 +
 +
== TPM issues ==
 +
 +
* http://tracker.coreboot.org/trac/coreboot/ticket/49

Revision as of 20:58, 19 October 2008

This page explains how coreboot can help with various security aspects of your system, compared to closed-source, legacy BIOS/EFI/firmware implementations.

This page is work in progress!

RAM wiping

SMI issues

ATA issues

BIOS password feature

  • Bayou / coreinfo based "BIOS password" feature, using SHA-1 hashes stored in NVRAM or the (flash) ROM chip.

Firewire issues

TPM issues