The pervasiveness of secure boot has genuinely made things difficult for attackers - there'd have been no reason for the Black Lotus bootkit to jump through all the hoops it did if it weren't for secure boot, and the implementation of UEFI secure boot does make it possible to remediate in a way that wouldn't be the case without it.
But secure boot at the OS level (in the PC world, at least) is basically guaranteed to give users the ability to enable or disable it, change the policy to something that uses their own keys, and ensure that the system runs the software they want. When applied to firmware, that's not the case - if Boot Guard (or AMD's equivalent, Platform Secure Boot) is enabled, you don't get to replace your firmware with code you control. There's still a threat here (we've seen firmware-level attacks for pre-Boot Guard systems), but the question is whether the security benefit is worth the loss of freedom. I wrote about this a while back (https://mjg59.dreamwidth.org/58424.html) but I lean towards thinking that in most cases the defaults are bad, and if users want to lock themselves into only using vendor firmware that's something that users should be able to opt into.
Would it be sensible to make that choice using a good old fashioned jumper? For example, when the jumper is connected to pins 1 and 2, the firmware must be signed by a list of vendor-controlled keys; when the jumper is connected to pins 2 and 3, the firmware must be signed by a list of user-managed keys. That way, I can choose what kind of freedom makes sense for me. Most people value the freedom of not having to worry about firmware, while others value the freedom to use or create their own firmware.
No, because the entire point of this is to be resilient against physical attack - anyone re-flashing your firmware already has your case open and can just move the jumper while they're at it.
Taken to the extreme, someone with physical access could replace the whole unit, to something which has the malware pre installed.
A switch that can't be controlled via software is at least more secure than the alternatives. If you check the jumper before booting up you can still be 100% sure even if someone previously flashed stuff onto it. Remember, it is called secure boot, not secure flash, so fw gets verified again during boot up.
> Taken to the extreme, someone with physical access could replace the whole unit, to something which has the malware pre installed.
Not really. Secure Boot also guards access to tamper-resistant security modules like the TPM. Replacing the whole machine would never give you access to the old TPM. And if, for example, the disk is encrypted using keys stored in the TPM, replacing the board won't work. Same even for OS-level keychains and credential stores even if the entire disk isn't encrypted.
If I have access to the TPM and the system, I can MitM it.
safeboot is perfect in a theoretical ideal vacuum. Something that bored researchers look at and nod.
But keys leaking, hardware hacks, etc... are not even considered, to not disturb the safety blanket everyone wrapped themselves with. Yeah, it makes it inconvenient for boot kits, but that's it. If you can install OS updates, I can install a boot kit.
> If I have access to the TPM and the system, I can MitM it.
This is if you unlock your machine after an attacker has had physical access to it. "Evil maid" attacks are well-known (that is what these are called, someone installing MitM hardware on your computer). Whether contemporary machines are actually resistant to it in practice I am not sure.
However, all UEFI implementations (on PCs at least) allow anybody with physical access to disable Secure Boot, the classic method of just popping the button battery remaining valid to this day.
So, isn't this firmware protection with BootGuard only really meant to prevent rootkits from getting persistence?
PS: thanks for all the blog posts you share on the matter! they are really golden
> So, isn't this firmware protection with BootGuard only really meant to prevent rootkits from getting persistence?
I saw this "but it only prevents persistence" several times and I wonder...
Isn't preventing a rootkit from getting persistence already a big win? Preventing a rootkit from getting persistence also means that, should a new signed kernel containing a security fix for the hole the rootkit was exploiting be installed, the rootkit won't work at all anymore. The attacker now needs not only to root the machine at each boot, he also needs to cross his fingers that a kernel patch closing the hole he's exploiting doesn't get installed (or he needs to both prevent the new kernel from being installed while, at the same time, managing to make it appear that it's been installed).
Which also raises the probability the exploit he's using at every boot gets detected at some point.
How is this a win for attackers?
Are black hat hackers really thinking "Great, BootGuard and SecureBoot are getting ubiquitous, everything up to the kernel loading is signed and enforced, so now things are easier for me!"?
Kind of true? If you disable secure boot, at least on Windows, BitLocker will no longer unlock your disk at boot, and so you'll need to enter the recovery code at least once.
If the target doesn't have BootGuard, you replace the firmware with one that pretends that Secure Boot is enabled even if it isn't and Bitlocker is unaware anything's changed.
Secure Boot configuration is usually stored in flash, not battery-backed CMOS, so on most boards it won't be wiped if you simply remove the battery. But if you do have physical access you can simply rewrite that variable in flash to disable it - doing so will change the TPM measurements and so BitLocker (or whatever) will complain, so it's not silent.
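The two mechanisms the comments above rely on (a sealed disk key that only the original TPM can release, and PCR measurements that change when the Secure Boot variable in flash is rewritten) can be modelled in a few lines. The following is an added example, not code from the thread or from any real TPM library: `extend_pcr` follows the real SHA-256 PCR extend rule, while `seal`/`unseal`, the `tpm_seed` standing in for the chip's storage root key, and the boot event strings are constructed stand-ins for what a TPM and firmware actually do.

```python
"""Toy model of TPM PCR measurement and key sealing (constructed; not a real TPM API)."""
import hashlib
import hmac

PCR_INIT = bytes(32)  # SHA-256 PCR banks start as all zeros


def extend_pcr(pcr: bytes, event: bytes) -> bytes:
    # Real PCR extend for a SHA-256 bank: new = H(old || H(event)).
    # Order matters and a PCR cannot be rolled back, only extended further.
    return hashlib.sha256(pcr + hashlib.sha256(event).digest()).digest()


def boot_events(secure_boot_enabled: bool, firmware_image: bytes = b"vendor-firmware-v1") -> list:
    # Constructed stand-ins for what gets measured before the OS loader runs:
    # the firmware code, the Secure Boot configuration variable, and the boot loader.
    return [
        b"FIRMWARE:" + hashlib.sha256(firmware_image).digest(),
        b"SecureBoot=" + (b"1" if secure_boot_enabled else b"0"),
        b"BOOTLOADER:" + hashlib.sha256(b"bootmgfw.efi (constructed)").digest(),
    ]


def measure(events) -> bytes:
    pcr = PCR_INIT
    for ev in events:
        pcr = extend_pcr(pcr, ev)
    return pcr


def wrap_key(tpm_seed: bytes, pcr: bytes) -> bytes:
    # tpm_seed models the storage root key that never leaves the chip; a swapped
    # board brings a different seed, so old blobs are useless to it.
    return hmac.new(tpm_seed, b"seal|" + pcr, "sha256").digest()


def seal(secret: bytes, tpm_seed: bytes, pcr: bytes) -> dict:
    assert len(secret) == 32, "toy one-block keystream; 32-byte secrets only"
    k = wrap_key(tpm_seed, pcr)
    pad = hashlib.sha256(k + b"stream").digest()
    ct = bytes(a ^ b for a, b in zip(secret, pad))
    return {"ct": ct, "tag": hmac.new(k, ct, "sha256").digest()}


def unseal(blob: dict, tpm_seed: bytes, pcr: bytes):
    k = wrap_key(tpm_seed, pcr)
    expected = hmac.new(k, blob["ct"], "sha256").digest()
    if not hmac.compare_digest(blob["tag"], expected):
        return None  # policy mismatch: the OS falls back to asking for a recovery key
    pad = hashlib.sha256(k + b"stream").digest()
    return bytes(a ^ b for a, b in zip(blob["ct"], pad))


def scenarios() -> dict:
    """Seal a constructed volume key under a normal boot, then replay the cases from the thread."""
    tpm_a = b"tpm-A-unique-seed"  # constructed
    vmk = hashlib.sha256(b"volume master key (constructed)").digest()
    good_pcr = measure(boot_events(True))
    blob = seal(vmk, tpm_a, good_pcr)
    return {
        "normal_boot": unseal(blob, tpm_a, measure(boot_events(True))) == vmk,
        "secure_boot_disabled_in_flash": unseal(blob, tpm_a, measure(boot_events(False))) is None,
        "firmware_replaced": unseal(blob, tpm_a, measure(boot_events(True, b"other-firmware"))) is None,
        "board_swapped_new_tpm": unseal(blob, b"tpm-B-unique-seed", good_pcr) is None,
    }


if __name__ == "__main__":
    for name, ok in scenarios().items():
        print(f"{name}: {'as expected' if ok else 'UNEXPECTED'}")
```

The `firmware_replaced` case only holds if something the firmware does not control takes the firmware measurement (the role Boot Guard's ACM plays as the root of trust for measurement). Firmware that measures itself can record whatever value the sealed policy expects, which is the gap the comment above about pre-Boot Guard systems describes, and why rewriting the Secure Boot variable is detectable while replacing the firmware on such a system need not be.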
Then you don't need a jumper - you can trust the firmware to impose any policy you've set (re-flashing firmware is mediated by the firmware, so you can just have a setup option that lets you choose which signing keys are trusted)
Then Netflix won't serve you HD content unless you run your OS with the pin 1-2 setup, as those are the only keys they "trust" :) This is what "trusted platform" is all about.
This would have such a niche market, but also be so wonderful. I would love to have a physical switch that toggles between, essentially, secure boot and a user-programmable boot.
> if users want to lock themselves into only using vendor firmware that's something that users should be able to opt into.
But even this is a potential risk all by itself if you aren't making sure this can only be done by someone with physical access to the hardware. Case in point is Dell and AMD EPYC CPUs that were locked to Dell firmware if they had been booted on a Dell motherboard in the past. It's bad enough that processors were being locked to Dell only without the user making the choice but that also allows for the possibility of some pretty potent ransomware. Not just holding data for ransom but holding hardware as well and with the same durable cryptographic guarantees.
Absolutely agree here; as Benjamin Franklin once said: "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."
The freedom to choose which software runs on your computer is also the freedom to choose that certain software shouldn't run on your computer. The freedom to make that decision should be left up to the individuals rather than being imposed on them, but making an explicit choice that my computer should only run specific firmware builds is an expression of freedom, not a rejection of it.
Except that describes a fantasy reality and not our reality, where the user has no say, and even if you are lucky enough to be able to run the software that you want it won't have access to the keys demanded by third parties like the media industry. The mere existence of "trusted computing" is a threat to free computing.
The key term there is “essential liberty”, by which he meant political rights. Choosing to delegate management of a computer’s firmware to a third party firstly isn’t giving away any political rights, and is a rational choice in some circumstances. It’s a choice I might make for some computers I own or operate, and not others. Suggesting that this choice has anything to do with what Franklin was talking about is nonsense on stilts.
Yes, delegating firmware management unaudited is giving away political rights. You do not know what is in there.
The ones who write the code make the rules. The ones who make the rules, wield power. Those that are attracted to the exercise of power, inevitably abuse it.
Trying to handwave that "computer says no" couldn't possibly be abused to political ends is literally shoving your head in the sand. DRM would not be a thing if computing was fundamentally apolitical.
Any code I didn't write myself, from the ground up using no third party components, in a language I developed, 'could' possibly be abused in this way. Even then, do I have to also write the microcode in the chip as well, and supervise the fab? This extreme absolutist stance is completely non-viable. I certainly don't see how I could live life taking that level of extreme paranoia seriously, or how anyone could in an advanced technological society.
The whole point of laws and government is to outsource such concerns. That’s why free speech, the rule of law and democracy matter so much. Those are the essential freedoms he was talking about. Everything else is based on those, because with those you don’t need to trust the vendor, because your legal rights will be protected.
So sure, essential freedoms are exactly that, essential, but extending that to absurd lengths is fuzzy thinking that obscures what’s actually important by confusing it with things that aren’t practically attainable generally anyway.
Not OP, and I agree that freedom quote is definitely an overreaction in this sense.
Allow me to go off on a bit of a tangent. I find this call for freedom much better than what is beaten into children/students in our schools in a small European country, namely Croatia. It is obedience, rote memorization, compliance, anti-individualism, hopelessness, anti-leadership and dependence. Ask any citizen over here what freedom even is, and people would stare at you blankly because frankly, very few would even know how to try to describe it.
For a normal citizen over here, it means what the Government allows you to do. And now in my fourth decade in this country it is less and less. People are afraid to speak up because the Government is the biggest employer by far. Every fourth citizen works for it (directly or indirectly). The previous generation could at least always be sure of having a home, so if they got fired, they could try to get a job somewhere else. My generation (and the generation after me) have no economic freedom. I bet 99% of homes bought are with a mortgage, so those are all owned by the banks, so people can lose those very easily. And they do. This is not America where jobs are like a revolving door. People losing jobs here is a very concerning thing and getting employed again is difficult. No wonder young people are emigrating en masse because they cannot afford anything here. At least somewhere else they have a chance at a normal life. Here, they'll be almost slaves their whole lives.
People here also don't know how to protest and self-organize, so protests are very rare. It also doesn't help that the police are very active in suppressing any kind of "undesirable" political activity. As my ex-neighbour (now deceased), who was a chief of a regional branch of the secret police, said: "everyone is doing something illegal, if you stick your head in certain matters it will get chopped, and there won't be newspaper articles about it."
When the government enacts laws to remove some remaining freedoms and rights, this goes through here even without a whimper. It's not even headline news. It is a non-news. "Well at least they didn't take away my TV, so all is fine." is a bit of a sarcastic reply from an average citizen here.
Just wanted to put this into perspective when one would claim that Americans are oversensitive on "freedom fetishism". That's fine in my view, millions of people died for that freedom. For most of the rest of the world, freedom probably just means something only rich people can afford.
Americans are very uncritically accepting of their system of government in general. It gets taught as this "wow, our system of checks and balances, isn't it amazing!?" and by and large is never criticized or substantially analyzed as to whether it's a system that produces good outcomes. It simply is.
The largest criticism imo is that it biases against action. Every dimensionality of the population gets represented (popular, geographic, regional, etc) and if any segment of the population disagrees, the whole process can be dragged to a halt. And as the Polish Sejm showed hundreds of years ago... the liberum veto is a terrible idea politically. And everyone knows that, but, what is the threshold at which it becomes a bad idea? 90% consensus? 70%? Pure majority? The US system requires very high consensus as some issues show - there are some issues with >90% popular support that still cannot get passed.
Consensus building is good but at the same time there always needs to be someone in the driver's seat; the idea of "split government" in the sense of the executive and legislature being opposed is fundamentally and innately a bad idea that people just uncritically accept because that's how it is. Again, the executive being the leader of the coalition that controls the legislature is a good way to do that - and then we can work on making the legislature represent the population fairly in the desired ways.
Most of the problems with the US really boil down to "bias against action" and "split government" and "the senate in its entire conception". And federalism really is not great when taken to the degree that the US takes it, either, but again that's something where it's taught as "wow, federalism, how great!" and its downsides are never mentioned. Having regions of the country where human rights are 100 years in the past is pretty bad. Gay marriage wasn't constitutionally protected until like 10 years ago, and it was by court decree, not actual constitutional process. Texas just goes around killing people, some absurd % of the executions happen there and the evidentiary bar is quite low. Social services tend to be similarly scant in these regions and again, it’s not a good thing that states can just choose not to fund (or to place arbitrary restrictions on) senior care or other funding for vulnerable populations. Federalism is supposed to be backstopped by a minimum bar that in practice doesn’t exist in the states, in human rights or social services or many other areas.
Unfortunately, a lot of this was historically necessary to get the US built - you wouldn't have gotten the slave states onboard if they didn't have disproportionate representation and mechanisms for dragging abolitionism to a halt. And it's produced one civil war and a half-dozen-odd constitutional crises over the centuries. But that part gets separated away from the “design choices”, and people only hear the positive.
It's not that they're all inherently bad either but they're deliberate design-decisions that have consequences both positive and negative, they are "tech debt" from politicians who wanted to move quickly and break things, and now they're these sacred cows. And in hindsight some of those design-decisions have been ones that had immensely negative consequences and can't be easily undone... but they were necessary at the time.
> Americans are very uncritically accepting of their system of government in general. It gets taught as this "wow, our system of checks and balances, isn't it amazing!?" and by and large is never criticized or substantially analyzed as to whether it's a system that produces good outcomes.
Is this really different anywhere else? Pretty much all the schooling I have been through (none of it in the US) has been 90% about deferring to authority if you really think about it.