[coreboot] LinuxBIOS/coreboot and security

Torsten Duwe duwe at lst.de
Mon Jan 28 11:16:01 CET 2008

On Monday 28 January 2008, Philipp Marek wrote:

> > Yepp. A defense strategy needs an attack scenario first.

> The scenario is to protect the system installation against the user.

That's not an attack scenario.

> - Using some operating system unencrypted - boot from a CD.
> - Protect the boot order - reset the CMOS.
> - Store important information in the CMOS.

Neither is this.

Coreboot will unconditionally launch its payload, so your interest should go 
there. Maybe you are also caught up too much in the conventional boot 
process; why does the password need to be stored in CMOS RAM and not on disk? 
Without knowing exactly what you are trying to protect against ( I 
know -- "the user" ) we cannot tell.


More information about the coreboot mailing list