Even the kernel can't modify its own code and persist through a reboot. The kernel only loads signed code that isn't malicious, the bootloader only loads signed kernels that aren't malicious and don't allow you to run malicious code as ring 0, and the BIOS only loads signed bootloaders, etc. There's a root of trust from the hardware on down that makes sure that you cannot run unsigned code as ring 0 and if there's a compromise it can't persist through a reboot. Allowing the kernel to mark certain modules as "signed" like you're suggesting would allow a rootkit to install itself via some exploit. This would render moot the whole point of Secure Boot in the first place.
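A toy model of the argument above, added here as an illustration and not part of the original comment: each boot stage checks the next against digests it embeds, and a kernel-writable trust list is the only thing that lets a runtime change survive a reboot. SHA-256 allowlists stand in for real signature verification, and every name and image (`local_trust`, `unsigned.ko`, the byte strings) is constructed for the example.

```python
import hashlib

def digest(blob: bytes) -> str:
    return hashlib.sha256(blob).hexdigest()

def build_disk() -> tuple:
    """Constructed sample images; each stage embeds the digests it trusts."""
    modules = {"net.ko": b"network driver", "fs.ko": b"filesystem driver"}
    kernel = b"KERNEL|" + ",".join(sorted(digest(m) for m in modules.values())).encode()
    bootloader = b"BOOTLOADER|" + digest(kernel).encode()
    disk = {"bootloader": bootloader, "kernel": kernel,
            "modules": modules, "local_trust": set()}
    # The bootloader digest is the trust anchor: held in firmware, not on disk.
    return disk, digest(bootloader)

def boot(disk: dict, firmware_anchor: str, honor_local_trust: bool) -> list:
    """Walk the chain of trust; return the modules admitted to ring 0."""
    if digest(disk["bootloader"]) != firmware_anchor:
        raise RuntimeError("firmware: bootloader rejected")
    trusted_kernel = disk["bootloader"].split(b"|", 1)[1].decode()
    if digest(disk["kernel"]) != trusted_kernel:
        raise RuntimeError("bootloader: kernel rejected")
    trusted = set(disk["kernel"].split(b"|", 1)[1].decode().split(","))
    if honor_local_trust:
        # Hypothetical design from the discussion: a list the running
        # kernel may extend, stored outside the verified kernel image.
        trusted |= disk["local_trust"]
    return sorted(n for n, blob in disk["modules"].items() if digest(blob) in trusted)

def runtime_compromise(disk: dict) -> None:
    """Model of a ring-0 compromise before reboot: it can write to disk,
    but not to the firmware anchor."""
    disk["modules"]["unsigned.ko"] = b"unsigned module"
    disk["local_trust"].add(digest(b"unsigned module"))

def demo() -> dict:
    """Reboot after the same compromise, with and without the writable list."""
    results = {}
    for honor in (False, True):
        disk, anchor = build_disk()
        runtime_compromise(disk)
        results[honor] = boot(disk, anchor, honor_local_trust=honor)
    return results

if __name__ == "__main__":
    print(demo())
```

Editing the kernel image to add the digest instead changes the kernel's own digest, so the bootloader check fails and the machine does not boot the modified kernel.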