CyberTech Rambler

October 12, 2012

Bypassing Secure Boot

Filed under: Uncategorized — ctrambler @ 7:45 am

The situation of SecureBoot for people wanting to install their own operating system is bad. Really bad. They put so much technical hurdle in the name of security that most people will just not be able to do it. To make matter worse, the security would not work in the way Joe Users understand. While locking out genuine operating systems, it does not stop malicious operating system from signing their own keys and use SecureBoot. The critical element of a Trusted Authority is not there, nor is it likely to appear anytime soon.

You can turn SecureBoot off. But a lot of operating systems, proprietary and open source alike, will probably do not like this and stop you from using them. So, the logical solution is to create a key that actually boots to multiple operating systems. In effect, bypassing SecureBoot.

That is precisely what the Linux Foundation is working on. It claims that it will require user to specifically authorize operating systems on a splash screen. That is, however, just a matter of time someone figure out how to bypass that screen. I cannot say LF’s system is a not a desirable solution as I can see its advantage, in particular, returning control  of your computer back to you. What I will say is, use it with care.

I am sure creators of SecureBoot is aware of the possibility of having a signed key that will boot to any systems is possible. That is why they will not be surprised. In fact I will not be surprised if they claim that this is within the philosophy of SecureBoot: We just allowed signed operating system to boot. As long as it is signed, we don’t care who signed it. It is a buyer-beware situation. That is precisely the philosophy that makes SecureBoot fails in its promise.

Advertisements

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.

%d bloggers like this: