libera/#maemo/ Thursday, 2022-08-11

03:12 <Maxdamantus> but ROMBL doesn't have a trusted public key that it uses for validating flashed images, does it? The point is that to prevent the attack, you need to prevent flashing of unauthentic UEFI images.
03:14 <Maxdamantus> I suspect most UEFI systems can be "fixed" in the same way as NOLO can, by having a flasher in ROM that can reliably be invoked, but the goal should be to prevent it needing to be fixed.
03:19 <Maxdamantus> or rather, prevent flashing of unauthentic images, or verify the image on boot. boot verification is probably simpler, since if you go the flash prevention way, you'll probably have to make it so flashing becomes impossible by the time UEFI boots.
03:35 <Maxdamantus> tbh though, I was under the impression that iPhones already did something like that, where they have a public key burnt into ROM.
03:36 <Maxdamantus> I'm also fairly sure my Android phone does it (OnePlus Nord N10), and other newer Android phones.
03:38 <Maxdamantus> I've rooted my Android phone, and I've relocked the bootloader with my own key, so when booting, the firmware will tell me that it's using a custom key, and it shows a fingerprint of my key.
03:42 <Maxdamantus> I can try to overwrite that firmware, since it exists as a partition that's writable from the OS, but I'm fairly sure it will refuse to boot at that point, and I would have to use the "firehose" mechanism to reflash the phone, which presumably destroys user data before loading the firmware again.
03:43 <Maxdamantus> similarly, when the bootloader is unlocked, it will also show a message indicating that the boot sequence has been tampered with.
03:59 <pabs3> personally I think it would be better to have all storage be removable, except the bootrom which isn't modifiable. then you just put the software you want in the storage device you want and boot it
04:05 <Maxdamantus> I'm in favour of having trusted boot systems in order to prevent access to data on lost/stolen devices, which practically requires at least some storage in the CPU/SoC. Having everything else removable is fine by me.
04:10 <Maxdamantus> https://alephsecurity.com/2018/01/22/qualcomm-edl-2/
04:12 <Maxdamantus> This seems to imply that the Qualcomm SoCs do indeed have a key in ROM as the root of trust, so you can only exploit it by loading a trusted but buggy firmware.
04:12 <Maxdamantus> (and the solution to that is basically rollback prevention, though they say that not all OEMs do it)
16:45 <Aikon> hey
16:46 <Aikon> no one is ever online !!
18:04 <sixwheeledbeast> .oO hmm
