undefined | Better HN

0 pointsbigfatkitten1y ago0 comments

Both userspace or externally, including the boot ROM, from Windows or Linux.

You could flash coreboot and run your own secure boot chain etc on one machine, but this is absolutely not something you can do at organisational scale.

That said, only individuals worried about foreign intelligence services need to incorporate this into their threat model.

0 comments

PrimaryAlibi1y ago

How would it be done externally? Is it done same way as flashing the boot rom? You just need to know where the chip is for the other components? No 0-days needed? Or do you need a 0-day to do this? Is that why you think only foreign intelligence agencies are the ones who can do this? Also assume that the bios is password protected and it's configured in bios to not boot from a USB drive.

bigfatkittenOP1y ago

> How would it be done externally? Is it done same way as flashing the boot rom?

Depends on the device.

> Is that why you think only foreign intelligence agencies are the ones who can do this?

Because it's enough work that nobody else would bother.

> Also assume that the bios is password protected and it's configured in bios to not boot from a USB drive.

BIOS password is an administrative control. It doesn't stop anyone with the ability to flash firmware from doing anything.

PrimaryAlibi1y ago

These are the type of vague answers i said i didn't want because they are not helpful. How do i know if you really know what you are talking about? No explanations or links to sources. "depends on the device" is almost not an answer at all.

BIOS password does help if they need to be able to boot from usb drive to flash firmware. Or do you know another way? Again, not talking about boot rom.

1 more reply

j / k navigate · click thread line to collapse

0 pointsbigfatkitten1y ago0 comments

Both userspace or externally, including the boot ROM, from Windows or Linux.

You could flash coreboot and run your own secure boot chain etc on one machine, but this is absolutely not something you can do at organisational scale.

That said, only individuals worried about foreign intelligence services need to incorporate this into their threat model.

0 comments

PrimaryAlibi1y ago

bigfatkittenOP1y ago

> How would it be done externally? Is it done same way as flashing the boot rom?

Depends on the device.

> Is that why you think only foreign intelligence agencies are the ones who can do this?

Because it's enough work that nobody else would bother.

> Also assume that the bios is password protected and it's configured in bios to not boot from a USB drive.

BIOS password is an administrative control. It doesn't stop anyone with the ability to flash firmware from doing anything.

PrimaryAlibi1y ago

BIOS password does help if they need to be able to boot from usb drive to flash firmware. Or do you know another way? Again, not talking about boot rom.

1 more reply

j / k navigate · click thread line to collapse