SoylentNews is people
SoylentNews
Lucian Constantin writes at PC World that with the increasing number of 64-bit systems, experts say the incentive is growing for attackers to invest in methods of bypassing defenses like the PatchGuard kernel patching protection and the digital signature enforcement for drivers. "These protections have certainly increased the cost to build and deploy rootkits on 64-bit platforms," say McAfee researchers but roadblocks set in place by 64-bit systems now appear to be "mere speed bumps for well-organized attackers", who have already found ways to gain entry at the kernel level."
The Secure Boot feature of the Unified Extensible Firmware Interface (UEFI) the BIOS replacement in newer computers-was designed specifically to prevent the installation of bootkits. It works by checking that the boot code inside the MBR is on a pre-approved whitelist and is digitally signed before executing it. However, over the past year security researchers have found several vulnerabilities in UEFI implementations used by many computer manufacturers that can be exploited from inside the OS to disable Secure Boot. Mitre security researcher Corey Kallenberg estimates that Secure Boot can be bypassed on about half of the computers that have the feature enabled. According to Kallenberg, OEMs have started to pay a lot more attention to BIOS security research and have started to react over the past year. "I think we're finally at a place where you'll see OEMs take this more seriously."
(Score: 1) by jbruchon on Friday June 27 2014, @03:25AM
To some extent you are confusing UEFI and Secure Boot. UEFI is generally a Good Thing(TM) because what it brings to the table is the ability to act as a much more intelligent boot loader than the traditional MBR/boot sector system. The MBR limitation has been a major thorn for decades; every other computer architecture graduated to advanced startup environments a really long time ago (EFI, OpenFirmware, ARC, etc.) but the "IBM PC compatible" has been stuck in the early 1980s since its inception. We now have computer startup code that can not only load your OS kernel for you (instead of just a 512-byte boot sector) but also provides a whole host of advanced services to whatever UEFI-compatible bootstrap you use. It's effectively a modern tiny OS, as it should be.
Secure Boot is the thing that you're expressing disgust with. I agree with you. If I could always inject my own keys on any compliant platform, it'd be quite different, but on quite a few systems there is only one allowed key: Microsoft's signing key. Worse yet, many laptops ship with a UEFI BIOS that doesn't allow you to load a CSM for booting non-UEFI systems, and to open that option up you have to flash the UEFI BIOS to a newer version. An Acer I recently ran into had this issue, plus you couldn't even turn off Secure Boot without setting a BIOS supervisor password first! There is NO FUCKING EXCUSE for that kind of nonsense.
I'm just here to listen to the latest song about butts.