It’s very simple logic: I am claiming that Heads increases protection by non-trivial amounts, while you are claiming it’s trivial. If it’s so trivial it should only take you an hour or so to whip up a compromised coreboot+Heads with the required characteristics. Since you and I both know that you can’t, you keep trying to deflect.
I don’t need to be able to lay eggs to know if an egg is good or bad. I could spend my time writing up an attack, but why would I?
Again, the idea for the attack is extremely simple and it’s only a matter of implementing it, not actual security research because there is no need for an exploit at all.
- Get the BIOS dump with a programmer.
- See what the results are supposed to be with the dump. What is being measured here is public so you can figure out wha the values are supposed to be.
- Just remove the measurement code and then lie about what the measurement results are.
I don’t see how this is rocket science.
As for X11, do you know how joanna made her point about X11 making root pw sniffing easy? She provided a PoC.
Her POC is literally just a program made by someone so she can easily demonstrate out insecure X11 is. She could have not even mentioned it and it still doesn’t make it any less true because the weakness is common knowledge.
If you asked me how to attack Boot Guard, I wouldn’t even have a vague idea of how to. I can’t just magically get the private key of my OEM (unless it’s some jackwagon OEM like MSI), and I can’t just tamper with the BIOS willy nilly because BootGuard will stop me. Changing BIOS settings using a programmer will still result in PCR 1 changing (unless the BIOS itself is bad and doesn’t report the important changes). Downgrading the BIOS version will result in PCR 0 changing. Attacking this stuff requires actual research into the implementation of these firmware and exploitation (the kind that Binarly does). I cannot just sit here and point out something very obviously wrong with the logic like I do with Heads.
Why wouldn’t I notice? This is just more of your shtick about the oh-so trivial own that you can’t demonstrate. Again, the point of Heads isn’t to make an undetected attack impossible but to significantly raise the bar. The fact that you keep spending time replying here instead of providing the PoC and be done proving your point, is one more piece of evidence that Heads succeeds in this.
This is just a nonsense personal attack at this point. Coding the piece of malicious firmware takes a bit of work and time, but the actual flashing is about as hard as flashing any regular BIOS. You wouldn’t notice.
If you think that you will magically notice tampering with your eyes (checking your nail polish or whatever), then you don’t even need Heads to begin with. Just use Coreboot + SeaBIOS. You can reflash them everytime you “think” tampering has happened, right? Why even need the whole fancy HOTP/TOTP stuff. Such complexity.
There is no circular logic. Provide the formal syllogism that shows it’s circular. You will either have to assume things I didn’t claim or commit logical fallacies.
How many times do I need to explain this?
- Head’s entire point is to check if itself or the boot files have been tampered with by doing the measurements and send the measurements.
- If the measurement matches, the TPM unseal the secret, and that is the basis for your HOTP/TOTP.
- Nothing stopping an attacker from flashing malicious firmware.
- Nothing stopping the malicious firmware from lying.
- What is being measured can be found out by looking at the source.
Essentially, you are trying to make sure the firmware isn’t malicious by checking the measurement it gives you. But nothing is stopping it from lying. That is the circular logic.
In a normal sane UEFI computer, the “Nothing stopping an attacker from flashing malicious firmware.” is solved by Boot Guard preventing the computer from booting if the signature doesn’t match what it expects. Trying to downgrade the firmware version will mess up PCR0 because BootGuard will report the changes in PCR0 (which the firmware itself can’t change). Trying to mess with the firmware settings (not protected by BootGuard) will result in PCR1 being changed by the firmware itself. You can bind Bitlocker or systemd-cryptenroll to these PCR for real tamper detection. No weird circular logic here.
- The attacker cannot flash their own malicious firmware.
- Even if an attacker fully compromise an older version of your firmware and make it lie about the measurement of PCR1 and above, they cannot make it lie to PCR 0 because it cannot edit it.
- Certain vendors like Dell blow fuses after a security update, so the attacker can’t even downgrade to begin with.
With stuff like AEM/Trenchboot, SINIT (signed by Intel) stores the measurements in PCR 17-18. If you try to tamper with boot files, boot policies or SINIT itself those PCR will change. I am pretty sure you cannot just load unsigned code into intel TXT either.
I do not see anything wrong in the logic with normal UEFI secure boot or AEM/Trenchboot. Obviously, I could just be missing something, but you have not pointed out what’s actually wrong with the logic and just say it’s “proprietary”. That is not a technical argument.
I’m talking about signing with the private key that you, with your Boot Guard etc., trust ultimately, which is out of your control and owned by people who care not one bit about you. I’m not talking about my keys.
You don’t even have a root of trust with Heads to begin with. What’s worse? A root of trust with keys controlled by other people, or no root of trust at all?
Heads literally tries to put the root of trust in the boot block, but said boot clock is not verified or write protected by anything. So effectively you have nothing.
That’s your argument? I told you already, this is not a dialectic. Just because Intel won’t take heavy losses from introducing another Spectre doesn’t mean they won’t allow use of the literally pre-installed backdoors , which comes at little cost to them.
What preinstalled backdoor?
Again you’re ignoring my arguments…it doesn’t take a full mitigation to achieve security and it was you who claimed that we need to have the manufacturer intervene, as if no other approach is possible.
What kind of argument is this? So you are saying that your computer with known Spectre vulnerabilities is reasonably secure? By that logic, why don’t you remove microcode updates from dom0 too. Qubes installs it by default. So proprietary! Must be a backdoor right there! So sus!
You think your magical boot guard protects you fully from non-government actors? You think the code you run has no bugs? Are you really that naive? And this is, yet again, a misrepresentation of my argument; I explicitly mentioned non-intentional compromise as well as the issue with software always being buggy to some extent. If your position is so strong, why do you have to keep misrepresenting my arguments?
This is a strawman argument. The logic with Boot Guard isn’t completely insane, so an attacker needs to implement a real backdoor or find an exploit (like Binarly did!) to actually compromise a computer with it. No one said the code I run had no bugs, lol.
The point here is that you don’t even need a real backdoor or an exploit because the logic with Heads is so broken that an attacker can attack you without them.
This is like your prayer or something…repeating things doesn’t make them true, didn’t anyone tell you that?
Ah, another personal attack with no technical merits. Classic.
No it doesn’t. The backdoor is already in place and the bugs don’t go away just because someone signed something somewhere.
What backdoor?
In any case, as moderation has now also stepped in, I don’t see the point of further discussion.
Good. Stop stating your opinions over and over like you accused me of and actual give technical arguments.
Your entire position rests on asserting something as trivial that you can’t even demonstrate, while constantly misrepresenting my arguments.
You still have not explained why trusting the boot firmware to tell you that it is not malicious is not circular logic.