this post was submitted on 27 Nov 2024
256 points (95.7% liked)

Technology

75295 readers
4394 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
256
Found in the wild: The world’s first unkillable UEFI bootkit for Linux (arstechnica.com)
submitted 9 months ago by purrtastic@lemmy.nz to c/technology@lemmy.world
38 comments fedilink hide all child comments
 

“Whether a proof of concept or not, Bootkitty marks an interesting move forward in the UEFI threat landscape, breaking the belief about modern UEFI bootkits being Windows-exclusive threats,” ESET researchers wrote. “Even though the current version from VirusTotal does not, at the moment, represent a real threat to the majority of Linux systems, it emphasizes the necessity of being prepared for potential future threats.”

you are viewing a single comment's thread
view the rest of the comments
[–] Illecors@lemmy.cafe 74 points 9 months ago* (last edited 9 months ago) (25 children)

The Bootkitty sample ESET found is unable to override a defense, known as UEFI Secure Boot, that uses cryptographic signatures to ensure that each piece of software loaded during startup is trusted by a computer's manufacturer.

AKA not that big of a deal, yet. An article from another post about this also mentions GRUB explicitly as a requirement as well as PoC using self signed keys, which renders it sort of impossible to abuse.

UKI + your own keys + secure boot is still not broken.

[–] wewbull@feddit.uk 2 points 9 months ago (1 children)

This sounds like a good thing. I don't care if the manufacturer of my equipment trusts the software. I care if I trust it.

[–] Illecors@lemmy.cafe 1 points 9 months ago

It is a good thing!

load more comments (23 replies)