"Bootkitty": The First UEFI Bootkit Targeting Linux Systems

(cyberinsider.com)

19 points | by voxadam 2 days ago

3 comments

  • 65a a day ago

    I don't see how enabling secure boot helps here, since UEFI is responsible for enforcing that and is compromised. I'm sure some might recommend more roots of trust and signing down and verification that starts at the chipset, but I'd recommend an alternative with less attack surface and better user control: a jumper.

    • vladvasiliu a day ago

      The article specifically says this is self-signed so won’t work with SecureBoot enabled.

      This is technically a bootloader, so it has to find a way to get loaded by the UEFI. The article doesn’t say it’s able to do that; the guy has to manually trust the signing certificate or disable SecureBoot.

      • 65a a day ago

        I assumed they had jammed a new DXE into the UEFI capsule, which would probably be able to subvert secure boot.
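The thread turns on one defender-side question: is Secure Boot actually enforcing, and which certificates and hashes has the firmware (or the user, via shim's MOK list) been told to trust? The following is an added example, not code from the article or from any commenter, showing how to decode the raw efivarfs variables that answer that question: `SecureBoot` (one boolean byte after the 4-byte attribute word) and the `db` / `MokListRT` signature databases, which are sequences of EFI_SIGNATURE_LIST structures. The variable GUIDs and signature-type GUIDs are the standard UEFI/shim values; the sample variable contents, the vendor owner GUID and the "unknown" owner GUID are constructed here so the code runs offline, and the X.509 blob is a placeholder rather than a real certificate.

```python
import hashlib
import struct
import uuid

# efivarfs exposes each variable as NAME-GUID; the file starts with a 4-byte attribute word.
EFIVARS = "/sys/firmware/efi/efivars"
EFI_GLOBAL_VARIABLE = "8be4df61-93ca-11d2-aa0d-00e098032b8c"          # SecureBoot, PK, KEK
EFI_IMAGE_SECURITY_DATABASE = "d719b2cb-3d3a-4596-a3bc-dad00e67656f"  # db, dbx
SHIM_LOCK_GUID = "605dab50-e046-4300-abb6-3dd810dd8b23"               # MokListRT (shim)

EFI_CERT_X509_GUID = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
EFI_CERT_SHA256_GUID = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")

SIG_LIST_HDR = 28  # SignatureType(16) + SignatureListSize(4) + SignatureHeaderSize(4) + SignatureSize(4)


def read_efivar(name: str, guid: str) -> bytes:
    """Read a raw variable from efivarfs (attributes + data). Used on a live system."""
    with open(f"{EFIVARS}/{name}-{guid}", "rb") as f:
        return f.read()


def secure_boot_state(raw: bytes) -> bool:
    """Decode SecureBoot: 4 attribute bytes followed by a single 0/1 data byte."""
    if len(raw) < 5:
        raise ValueError("SecureBoot variable too short")
    return raw[4] == 1


def parse_signature_lists(raw: bytes):
    """Walk every EFI_SIGNATURE_LIST in db/dbx/MokListRT; yields (type, owner, data) tuples."""
    data = raw[4:]  # drop efivarfs attribute word
    entries, off = [], 0
    while off + SIG_LIST_HDR <= len(data):
        sig_type = uuid.UUID(bytes_le=data[off:off + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", data, off + 16)
        # Reject sizes that would overrun the buffer or never advance (a 0 SignatureSize loops forever).
        if list_size < SIG_LIST_HDR or off + list_size > len(data) or sig_size < 16:
            raise ValueError("malformed EFI_SIGNATURE_LIST at offset %d" % off)
        pos, end = off + SIG_LIST_HDR + hdr_size, off + list_size
        while pos + sig_size <= end:
            owner = uuid.UUID(bytes_le=data[pos:pos + 16])  # EFI_SIGNATURE_DATA.SignatureOwner
            entries.append((sig_type, owner, data[pos + 16:pos + sig_size]))
            pos += sig_size
        off = end
    return entries


def unexpected_entries(entries, trusted_owners):
    """Return every trust-store entry whose SignatureOwner is not in the expected set."""
    return [e for e in entries if e[1] not in trusted_owners]


# ---- constructed sample data (not from a real machine) -------------------------------------
def build_signature_list(sig_type: uuid.UUID, owner: uuid.UUID, sigs) -> bytes:
    """Encode one EFI_SIGNATURE_LIST with no signature header; all sigs must be equal length."""
    sig_size = 16 + len(sigs[0])
    body = b"".join(owner.bytes_le + s for s in sigs)
    return sig_type.bytes_le + struct.pack("<III", SIG_LIST_HDR + len(body), 0, sig_size) + body


ATTRS = struct.pack("<I", 0x27)  # NV | BS | RT | TIME_BASED_AUTHENTICATED_WRITE_ACCESS
VENDOR_OWNER = uuid.UUID("11111111-2222-4333-8444-555555555555")   # constructed "expected" owner
UNKNOWN_OWNER = uuid.UUID("deadbeef-0000-4000-8000-000000000001")  # constructed rogue owner
SAMPLE_SECUREBOOT_ON = ATTRS + b"\x01"
SAMPLE_SECUREBOOT_OFF = ATTRS + b"\x00"
SAMPLE_DB = (
    ATTRS
    + build_signature_list(EFI_CERT_SHA256_GUID, VENDOR_OWNER,
                           [hashlib.sha256(b"bootx64.efi").digest(),
                            hashlib.sha256(b"grubx64.efi").digest()])
    + build_signature_list(EFI_CERT_X509_GUID, UNKNOWN_OWNER,
                           [b"\x30\x82" + b"\x00" * 30])  # placeholder, not a real DER cert
)


if __name__ == "__main__":
    print("Secure Boot enforcing:", secure_boot_state(SAMPLE_SECUREBOOT_ON))
    for sig_type, owner, blob in parse_signature_lists(SAMPLE_DB):
        kind = "x509" if sig_type == EFI_CERT_X509_GUID else "sha256"
        print(f"{kind:6} owner={owner} len={len(blob)}")
    for _, owner, _ in unexpected_entries(parse_signature_lists(SAMPLE_DB), {VENDOR_OWNER}):
        print("UNEXPECTED trust-store owner:", owner)
```

On a live system you would replace the constructed blobs with `read_efivar("SecureBoot", EFI_GLOBAL_VARIABLE)`, `read_efivar("db", EFI_IMAGE_SECURITY_DATABASE)` and `read_efivar("MokListRT", SHIM_LOCK_GUID)`, and populate the trusted-owner set from a known-good baseline; an X.509 entry that was not in that baseline is exactly the "manually trusted the signing certificate" case the comment above describes, and is worth alerting on.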