Linux Foundation's Linux workstation security checklist



On 9/1/15, Georgi Guninski <[email protected]> wrote:
> ...
> They protect against trojanized (off the shelf) BIOS.

prevents trojan / arb exec from persistence via BIOS.

prevents surreptitious FDE keylogger via BIOS hooks.

yes, also off the shelf attacks. which is nearly all of them. :)
 [ see also HackingTeam dump, and research examples ]



> If an adversary has sufficient supply of application and
> root sploits, how much they will protect you?

separate question; see also defense in depth.

however, a robust bespoke BIOS beats otherwise cascade catastrophe.



> Instead of rootkit they will root you every boot IMHO.

this also has a different visibility, as executing in priv. or user
context & addr space.

also why "throw away" VMs per Qubes or Live OS images are a useful
technique to avoid attempted persistence via weird machines gone
rogue...


best regards,