Linux Lite Forums
General => On Topic => Topic started by: TheDead on October 14, 2018, 10:13:38 AM
-
Good day people of the intertubes,
One of my co-worker sent me this article last week.There has been UEFI problems in the past and Jerry and the Linux Team wisely chose to keep using BIOS "Legacy" mode for their main distribution.It was just a question of time but, seems UEFI could be in real hot water in the next few months.The article mentions that hackers successfully installed rootkits in the "secure" UEFI partition.
https://www.theregister.co.uk/2018/09/28/uefi_rootkit_apt28/ (https://www.theregister.co.uk/2018/09/28/uefi_rootkit_apt28/)
Cheers!
-
Thank you so much for sharing this!
-
Actually all this could ever do in a properly installed Linux system is possibly cause a DoS, and the CLI would report the kernel errors. The threat is to MS Windows whereby software could possibly be remotely installed to the system, though even there BIOS/EFI password would simply eliminate the problem in the first place. This is just MS spin doctors at work, patting themselves on the back to build public confidence. Spectre-Meltdown, news of which has quietly dissipated, still remains the most serious threat to modern computers/servers because it deals with RAM access, and will not be alleviated until new CPUs and secure RAM appear no matter what you read, and its only real limitation as an exploit is technical creativity, which is itself only about $$. It is a far better candidate for nation to nation cyber-espionage than anything else out there.
TC
-
Hi!
I'm no hardware programmer but I'm guessing this would affect dual-boot machines using UEFI too. (?)
What could a rootkit like this do in Linux once it's installed from the "other" OS, only a DoS?
Cheers!
-
Not much. Like I said DoS maybe. Linux would EMsg it about like a firmware bug, or run through a series of kernel protocol alternatives and EMsg those as well.
TC