On Monday 28 January 2008, Philipp Marek wrote:
Yepp. A defense strategy needs an attack scenario first.
The scenario is to protect the system installation against the user.
That's not an attack scenario.
- Using some operating system unencrypted - boot from a CD.
- Protect the boot order - reset the CMOS.
- Store important information in the CMOS.
Neither is this.
Coreboot will unconditionally launch its payload, so your interest should go there. Maybe you are also caught up too much in the conventional boot process; why does the password need to be stored in CMOS RAM and not on disk? Without knowing exactly what you are trying to protect against (I know -- "the user") we cannot tell.
Torsten