[coreboot] LinuxBIOS/coreboot and security

Torsten Duwe duwe at lst.de
Thu Jan 31 11:25:59 CET 2008


On Wednesday 30 January 2008, Philipp Marek wrote:

> There are device being installed and handed out,

-> You're doomed :-) As Peter pointed out already.

> that should be as secure as possible. 

This will make them as expensive as possible, see below.

[...]
> > Neither is this.
>
> No, this should illustrate my thoughts ... so you can tell me *where* I'm
> wrong.

Attack scenarios are evil things an opponent can do, like
* boot from his own CD
* exchange the hard disk
* run a fake login screen and wait for the admin
* ...
Think of as many as you can and then take countermeasures. Then think about 
counter-countermeasures and so on, until the benefit for the attacker isn't 
worth it any more. That's security.

	Torsten




More information about the coreboot mailing list