Random comments on LinuxBIOS

Peter Stuge stuge-linuxbios at cdy.org
Thu Apr 17 12:02:33 CEST 2003


On Thu, Apr 17, 2003 at 10:59:07AM -0400, Adam Agnew wrote:
> A lot of things like that in the description weren't implemented by
> choice. All we've done is to check elf image signatures so far. I think
> you'd agree that's the only part that was really necessary towards
> getting an operating system up in a trusted state. As long as you
> confine execution to elf images, you can continue to chain along.. As far
> as etherboot goes, same rules. No need to worry about individual packets.
> I'm just going to check the signature once it all arrives anyway.

I may be missing something (please tell me!) but is there any real point in
checking signatures when the checking and the public key aren't done in
hardware, like in the X-Box?

If the OS allows a complete write of the memory area where data, signatures
or public keys are stored, this allows the administrator to distribute
updated versions of the code using only software.  It will allow the hacker
to do the exact same thing, however.

If the OS doesn't allow a complete write of that memory, no automated
low-level firmware updates will be possible either for root or r00t.

How does it become secure?
(Yeah, I should read the patent.  Will it answer the question?)


//Peter
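
The trade-off raised in the message above, as an added example that is not part of the original post or of LinuxBIOS code. It assumes a pinned SHA-256 digest standing in for the public key and signature check; the Flash class, region names and payloads are hypothetical.

```python
import hashlib
import hmac

ORIGINAL = b"vendor firmware v1"  # constructed sample payload

def digest(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

class Flash:
    """Hypothetical flash part: an image region and a trust-anchor region."""
    def __init__(self, image: bytes, locked=()):
        self.regions = {"image": image, "anchor": digest(image)}
        self.locked = set(locked)  # assumption: locks are enforced by hardware

    def write(self, region: str, data: bytes) -> bool:
        if region in self.locked:
            return False  # the write never reaches the part
        self.regions[region] = data
        return True

def verified_boot(flash: Flash):
    """Return the image if it matches the anchor, otherwise None (boot refused)."""
    image = flash.regions["image"]
    ok = hmac.compare_digest(digest(image), flash.regions["anchor"])
    return image if ok else None

def software_update(flash: Flash, new_image: bytes) -> bool:
    """Software-only update. The flash cannot tell who is calling it."""
    wrote_image = flash.write("image", new_image)
    wrote_anchor = flash.write("anchor", digest(new_image))
    return wrote_image and wrote_anchor

def outcome(locked, new_image: bytes):
    """Attempt an update under the given lock set; report (updated, what boots)."""
    flash = Flash(ORIGINAL, locked)
    updated = software_update(flash, new_image)
    return updated, verified_boot(flash)

if __name__ == "__main__":
    for locked in ((), ("anchor",), ("image", "anchor")):
        for payload in (b"vendor firmware v2", b"modified firmware"):
            print(sorted(locked), payload, outcome(locked, payload))
```

With nothing locked, both payloads install and boot; with only the anchor locked, the changed image is refused at boot; with both regions locked, neither payload installs and the original keeps booting.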


