|
|
|
| Authored by: globularity on Thursday, August 16 2012 @ 11:28 PM EDT |
While the operating system is a major security, a trusted operating system and
software stack can be booted from CD.
The biggest security holes in modern computers is the platform. UEFI is a
monster sized BIOS, big enough to hide any amount of malware, combine that with
ability to flash the bios with a USB stick or from the operating system and the
lack of non USB peripherals and you have a problem.
Lets take a typical attack scenario, the knows the victims platform and prepares
a new bios on a USB stick, unplugs the keyboard and boots the machine placing
the modified bios on the machine, very difficult to detect. In the past removing
floppy drives and disabling USB ports was enough to physically secure a machine,
the mouse and keyboard could use the secure PS/2 or serial interfaces. The older
EPROM BIOSes were immune from any attack other than changing the chip.
Then there is that insecure boot junk, which actively prevents you from loading
a known good OS and software stack.
---
Windows vista, a marriage between operating system and trojan horse.[ Reply to This | Parent | # ]
|
|
|
|
|
