[coreboot] LinuxBIOS/coreboot and security
Torsten Duwe
duwe at lst.de
Thu Jan 31 11:25:59 CET 2008
On Wednesday 30 January 2008, Philipp Marek wrote:
> There are device being installed and handed out,
-> You're doomed :-) As Peter pointed out already.
> that should be as secure as possible.
This will make them as expensive as possible, see below.
[...]
> > Neither is this.
>
> No, this should illustrate my thoughts ... so you can tell me *where* I'm
> wrong.
Attack scenarios are evil things an opponent can do, like
* boot from his own CD
* exchange the hard disk
* run a fake login screen and wait for the admin
* ...
Think of as many as you can and then take countermeasures. Then think about
counter-countermeasures and so on, until the benefit for the attacker isn't
worth it any more. That's security.
Torsten
More information about the coreboot
mailing list