Re: [DNG] UEFI Secure Boot workaround?

2016-03-04 Thread Rainer Weikusat
Didier Kryn writes:
> On 04/03/2016 12:42, Arnt Gulbrandsen wrote:
>> Didier Kryn writes:
>>> Insert a Knoppix Cdrom, mount your home and read it. If UEFI
>>> refuses to boot the Knoppix disk, use the Debian installer.
>>
>> Mounting the home (using either knoppix or d-i) requires the luks
>> passphrase. You could get that passphrase if you're able to install
>> a keysniffing kernel that my boot loader trusts, and give me the
>> laptop back. Or perform some other attack that either bypasses luks
>> or obtains the password.
>>
>> Arnt
>>
> Booting from removable media bypasses the bootloader (does it
> bypass UEFI?). Therefore it is enough to have a live OS on removable
> media, equipped with this keysniffing kernel. But, sure, as
> Dr. Nikolaus Klepp writes, it suffices to plug the disk into another
> computer.
>
> I wonder if this UEFI thingy is anything else than a pure annoyance.

It's designed to be useful to the people "PC hardware vendors" have a
reason to care for, IOW, Microsoft, Microsoft and Microsoft. Probably
for no more nefarious a reason than to make "software and content
'piracy'" more difficult by ensuring that "ordinary users" can't run
software enabling them to do so.

That it additionally requires some amount of "jailbreaking" in order to
install "Linux system software" the usual suspects disapprove of is
probably just a side effect.

BTW,

https://citp.princeton.edu/research/memory/
___
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng


Re: [DNG] UEFI Secure Boot workaround?

2016-03-04 Thread Simon Hobson
Arnt Gulbrandsen wrote:

> Simon Hobson writes:
>> Not really, but I don't see any sign of that as a question in the post I was 
>> replying to !
> 
> You said secure boot's security is blown out of the water because it's 
> possible to run untrusted code under certain circumstances.

Pretty much

> IMHO it provides useful security because (absent mistakes by the owner) there 
> are many attackers who cannot make use of those circumstances.

Not really, it comes down to "anyone with physical access to your hardware" can 
fiddle with the boot process. With the ability to run an "insecure" boot 
package, you have the opportunity to interject in the process - such as capture 
your password unlocking the encrypted root volume.
Full disk encryption won't help unless it's handled by the BIOS/EFI, having 
full disk encryption done by the kernel means that (as a minimum) you need a 
volume unencrypted with a bootloader, kernel, and init filesystem.

Really, it comes down to that group of "many attackers who cannot make use of 
those circumstances" is really the same set that can't attack your boot process 
because they don't have physical access to the machine (or remote admin ability 
while it's running). In this situation, the security added by secure boot is 
roughly ... a bit of a hindrance, but no obstacle to someone who knows what 
they are doing.

The only way round that is for there to be no "insecure" signed bootloaders in 
existence. But because that situation pretty well kills "open" operating 
systems, that is not the case.



Re: [DNG] UEFI Secure Boot workaround?

2016-03-04 Thread Dr. Nikolaus Klepp
On Friday, 4 March 2016, Arnt Gulbrandsen wrote:
> Dr. Nikolaus Klepp writes:
> > On Friday, 4 March 2016, Arnt Gulbrandsen wrote:
> >> You said secure boot's security is blown out of the water because it's 
> >> possible to run untrusted code under certain circumstances. IMHO it 
> >> provides useful security because (absent mistakes by the owner) there are 
> >> many attackers who cannot make use of those circumstances.
> >
> > In most cases a 50¢ screwdriver will make those unlikely 
> > circumstances reality. Lawful inspection, anyone?
> 
> Not using full disk encryption is a bad, bad mistake. So what?

Austrian economy loses ~ 1.600.000.000,- € every year because of "friendly" 
espionage (this is an official number given by BMI). ~ 800.000 notebooks are 
stolen worldwide every year. Guess what full disc encryption will give you for 
a security benefit.

Nik


-- 
Please do not email me anything that you are not comfortable also sharing with 
the NSA.


Re: [DNG] UEFI Secure Boot workaround?

2016-03-04 Thread Didier Kryn

On 04/03/2016 12:42, Arnt Gulbrandsen wrote:
> Didier Kryn writes:
>> Insert a Knoppix Cdrom, mount your home and read it. If UEFI
>> refuses to boot the Knoppix disk, use the Debian installer.
>
> Mounting the home (using either knoppix or d-i) requires the luks
> passphrase. You could get that passphrase if you're able to install a
> keysniffing kernel that my boot loader trusts, and give me the laptop
> back. Or perform some other attack that either bypasses luks or
> obtains the password.
>
> Arnt

Booting from removable media bypasses the bootloader (does it
bypass UEFI?). Therefore it is enough to have a live OS on removable
media, equipped with this keysniffing kernel. But, sure, as Dr. Nikolaus
Klepp writes, it suffices to plug the disk into another computer.

I wonder if this UEFI thingy is anything else than a pure annoyance.

Didier



Re: [DNG] UEFI Secure Boot workaround?

2016-03-04 Thread Arnt Gulbrandsen

Dr. Nikolaus Klepp writes:
> On Friday, 4 March 2016, Arnt Gulbrandsen wrote:
>> You said secure boot's security is blown out of the water because it's
>> possible to run untrusted code under certain circumstances. IMHO it
>> provides useful security because (absent mistakes by the owner) there are
>> many attackers who cannot make use of those circumstances.
>
> In most cases a 50¢ screwdriver will make those unlikely
> circumstances reality. Lawful inspection, anyone?

Not using full disk encryption is a bad, bad mistake. So what?

Arnt



Re: [DNG] UEFI Secure Boot workaround?

2016-03-04 Thread Dr. Nikolaus Klepp
On Friday, 4 March 2016, Arnt Gulbrandsen wrote:
> Simon Hobson writes:
> > Not really, but I don't see any sign of that as a question in 
> > the post I was replying to !
> 
> You said secure boot's security is blown out of the water because it's 
> possible to run untrusted code under certain circumstances. IMHO it 
> provides useful security because (absent mistakes by the owner) there are 
> many attackers who cannot make use of those circumstances.

In most cases a 50¢ screwdriver will make those unlikely circumstances reality. 
Lawful inspection, anyone?

nik


-- 
Please do not email me anything that you are not comfortable also sharing with 
the NSA.


Re: [DNG] UEFI Secure Boot workaround?

2016-03-04 Thread Arnt Gulbrandsen

Simon Hobson writes:
> Not really, but I don't see any sign of that as a question in
> the post I was replying to !

You said secure boot's security is blown out of the water because it's 
possible to run untrusted code under certain circumstances. IMHO it 
provides useful security because (absent mistakes by the owner) there are 
many attackers who cannot make use of those circumstances.

Arnt



Re: [DNG] UEFI Secure Boot workaround?

2016-03-04 Thread Simon Hobson
Arnt Gulbrandsen wrote:

> Simon Hobson writes:
>> Isn't it the bootloader that UEFI loads and runs, and as long as the 
>> bootloader (Grub) is signed, then UEFI should boot it and grub can boot 
>> anything you want. Kind of blasts the argument that secure boot is either 
>> essential or secure out of the water when you can sign one bit of 
>> "insecure"* code and have it load anything.
> 
> I wonder if you misunderstand, perhaps...

Evidently ...

> I have a linux laptop with data you shouldn't access. You may assume it's 
> sensibly configured (secure boot, luks, etc, but standard hardware, no 
> epoxy). Can you explain to me how you would evade its security?

Not really, but I don't see any sign of that as a question in the post I was 
replying to !

But just thinking off the top of my head ...
The bootloader can't be on an encrypted partition, unless the EFI supports 
that. So you have part of the boot process which isn't secured. Therefore 
anyone with access to the hardware can interfere with the bootloader and in 
theory, that could include booting the kernel in some non-standard way. It's 
not beyond the bounds of possibility to sniff the password* for unlocking your 
encrypted volume and storing that for later retrieval before booting your 
chosen setup without further modification.

* I'm assuming that to access the encrypted volumes, either the key must be 
accessible to the bootloader (and hence to any other signed bootloader someone 
might install), or there is a password needed to unlock it (in which case 
there's scope for sniffing the keystrokes).


The way round this is a completely secure boot process - where the bootloader 
needs to be signed, and will only load signed configs, and will only run signed 
binaries, and so on. This is much as certain organisations have been trying to 
push for a while - against a "certain amount of pushback" from those of us who 
want to be able to run what we want on our own hardware. The fact that we have 
a "signed" bootloader that will load unsigned configs and binaries (ie our 
choice of kernel) makes a hole in the system.
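Simon's two posts in this thread turn on the same gap: the bootloader, kernel and initramfs live outside the LUKS volume, so whoever can boot the machine can alter them and capture the passphrase at the prompt. What follows is an added example, not code from the thread or from any Devuan project: a Python integrity check that hashes the unencrypted boot tree while the system is known-good, reports anything later added, removed or changed, and decodes the firmware's SecureBoot variable from efivarfs (the variable name, GUID and record layout are real; the sample file names in the comments are constructed).

```python
import hashlib
import os

# efivarfs path of the UEFI "SecureBoot" global variable (real name and GUID).
SECUREBOOT_EFIVAR = ("/sys/firmware/efi/efivars/"
                     "SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c")

def secure_boot_enabled(raw):
    """Decode an efivarfs record: 4 bytes of attributes, then the data.
    SecureBoot holds one data byte; 1 means signatures are enforced.
    None: variable absent or malformed (e.g. legacy/CSM boot)."""
    if raw is None or len(raw) < 5:
        return None
    return raw[4] == 1

def read_secure_boot_state(path=SECUREBOOT_EFIVAR):
    """Read the live variable; None when not running under UEFI."""
    try:
        with open(path, "rb") as fh:
            return secure_boot_enabled(fh.read())
    except OSError:
        return None

def build_manifest(files):
    """files: mapping path -> bytes.  Returns path -> sha256 hex digest."""
    return {p: hashlib.sha256(d).hexdigest() for p, d in files.items()}

def snapshot_directory(root):
    """Hash every regular file under root (e.g. /boot with the ESP mounted)."""
    files = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            if os.path.isfile(full):
                with open(full, "rb") as fh:
                    files[os.path.relpath(full, root)] = fh.read()
    return build_manifest(files)

def compare_manifests(baseline, current):
    """Sorted (path, status) tuples; status is modified, added or missing."""
    out = []
    for path in sorted(set(baseline) | set(current)):
        if path not in current:
            out.append((path, "missing"))
        elif path not in baseline:
            out.append((path, "added"))      # e.g. an extra EFI/BOOT/*.efi
        elif baseline[path] != current[path]:
            out.append((path, "modified"))   # e.g. a swapped initrd.img
    return out
```

Store the baseline manifest somewhere the attacker cannot reach from the unlocked-only-at-boot tree (inside the encrypted root, or on the rescue medium you compare from), since a manifest kept in /boot can be rewritten along with the files it describes.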



Re: [DNG] UEFI Secure Boot workaround?

2016-03-04 Thread Didier Kryn

On 04/03/2016 12:10, Arnt Gulbrandsen wrote:
> Simon Hobson writes:
>> Isn't it the bootloader that UEFI loads and runs, and as long as the
>> bootloader (Grub) is signed, then UEFI should boot it and grub can
>> boot anything you want. Kind of blasts the argument that secure boot
>> is either essential or secure out of the water when you can sign one
>> bit of "insecure"* code and have it load anything.
>
> I wonder if you misunderstand, perhaps...
>
> I have a linux laptop with data you shouldn't access. You may assume
> it's sensibly configured (secure boot, luks, etc, but standard
> hardware, no epoxy). Can you explain to me how you would evade its
> security? I'm not interested in how I could misconfigure it, because
> I'm not worried about attacks by myself. Assuming I configured it
> sensibly, how would you either access the data or install
> password-sniffing software?
>
> Arnt

Insert a Knoppix Cdrom, mount your home and read it. If UEFI
refuses to boot the Knoppix disk, use the Debian installer.

I can see two ways to protect data: protect the laptop, or crypt
the data.

Didier



Re: [DNG] UEFI Secure Boot workaround?

2016-03-04 Thread Arnt Gulbrandsen

Simon Hobson writes:
> Isn't it the bootloader that UEFI loads and runs, and as long
> as the bootloader (Grub) is signed, then UEFI should boot it and
> grub can boot anything you want. Kind of blasts the argument
> that secure boot is either essential or secure out of the water
> when you can sign one bit of "insecure"* code and have it load
> anything.

I wonder if you misunderstand, perhaps...

I have a linux laptop with data you shouldn't access. You may assume it's 
sensibly configured (secure boot, luks, etc, but standard hardware, no 
epoxy). Can you explain to me how you would evade its security? I'm not 
interested in how I could misconfigure it, because I'm not worried about 
attacks by myself. Assuming I configured it sensibly, how would you either 
access the data or install password-sniffing software?

Arnt



Re: [DNG] UEFI Secure Boot workaround?

2016-03-03 Thread Edward Bartolo
Ooops, sorry, I was of the impression I was using a forum.

On 04/03/2016, Edward Bartolo wrote:
> Hi,
>
> I think, with a signed Linux kernel, UEFI Secure Boot can be made to
> load any other unsigned Linux kernel, which would imply, any
> distribution would be possible to be booted.
>
> How I imagine it can be done:
> - boot partition would contain a signed Linux kernel which UEFI loads
>   as soon as the boot sequence starts
> - the signed kernel would run a simple program that loads a
>   bootloader like GRUB2
> - the bootloader would continue as it normally does
>