On Sat, Dec 19, 2015 at 4:06 PM, Grant Edwards <grant.b.edwa...@gmail.com> wrote:
> On 2015-12-19, Mick <michaelkintz...@gmail.com> wrote:
>
>> http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html
>
> If somebody can touch your computer while it's booting, the game's
> over anyway...
>

Actually, not necessarily, though there is still room to go. With a TPM-backed full disk encryption scheme you can basically prevent most attacks based on physical control. If you were to go a step further and secure RAM and bus IO (we're not quite there yet) you could probably make almost any hardware attack completely impractical.

If you have TPM-backed encryption and you assume the software itself is secure then to attack it you're going to have to actually intercept data off the bus, or from RAM. You certainly can't just install some rootkit by booting from alternate media, or remove the drives and attack them from another device you control. That is, unless you defeat the TPM, which is certainly within the realm of the laws of physics, but in practice everything about a TPM's design is intended to prevent that attack.

--
Rich
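
Added example, not part of the original message: a toy Python model of measured boot and TPM sealing, showing why the disk key is not released after booting alternate media or after moving the drive to another machine. The `ToyTPM` class, the boot-chain strings and the HMAC/XOR wrapping are assumptions made for illustration; a real TPM enforces this with PCR policies inside the chip.

```python
import hashlib, hmac, os

def extend(pcr, component):
    # PCR extend: new = SHA-256(old || SHA-256(component)); order-sensitive and one-way.
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure(chain):
    pcr = bytes(32)                      # PCRs reset to zero at power-on
    for stage in chain:
        pcr = extend(pcr, stage)
    return pcr

class ToyTPM:
    """Toy model (assumption): real TPMs use PCR policy sessions, not HMAC/XOR."""
    def __init__(self):
        self._secret = os.urandom(32)    # stands in for the chip's non-exportable storage key
        self.pcr = bytes(32)
    def boot(self, chain):
        self.pcr = measure(chain)
    def _pad(self, pcr):
        return hmac.new(self._secret, pcr, hashlib.sha256).digest()
    def seal(self, key32, policy_pcr):
        pad = self._pad(policy_pcr)
        blob = bytes(a ^ b for a, b in zip(key32, pad))
        return blob + hmac.new(pad, blob, hashlib.sha256).digest()
    def unseal(self, sealed):
        blob, tag = sealed[:32], sealed[32:]
        pad = self._pad(self.pcr)        # depends on this chip AND the current boot measurements
        if not hmac.compare_digest(tag, hmac.new(pad, blob, hashlib.sha256).digest()):
            return None                  # wrong chip or wrong boot chain: key stays sealed
        return bytes(a ^ b for a, b in zip(blob, pad))

# Constructed sample boot chains (placeholders, not real measurements).
TRUSTED = [b"firmware", b"grub2 core image", b"kernel+initramfs"]
ALTERNATE = [b"firmware", b"usb live image"]

def demo():
    tpm, disk_key = ToyTPM(), os.urandom(32)
    sealed = tpm.seal(disk_key, measure(TRUSTED))
    tpm.boot(TRUSTED)
    normal = tpm.unseal(sealed) == disk_key   # expected boot chain: key released
    tpm.boot(ALTERNATE)
    alt_media = tpm.unseal(sealed)            # booted from other media: refused
    other = ToyTPM(); other.boot(TRUSTED)
    moved_drive = other.unseal(sealed)        # drive moved to another machine: refused
    return normal, alt_media, moved_drive

if __name__ == "__main__":
    print(demo())
```

The model covers only the two cases named in the message; it does not model the bus or RAM interception that the message says remains possible.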