Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
mjg59
on June 15, 2023
|
parent
|
context
|
favorite
| on:
Desktop Linux Hardening (2022)
If you have secure boot enabled, how does the attacker replace the kernel or bootloader?
lostmsu
on June 15, 2023
[–]
Pull the drive out, insert it into his machine, replace, then insert it back.
mjg59
on June 16, 2023
|
parent
[–]
And now the signature doesn't match, so the system doesn't boot
lostmsu
on June 16, 2023
|
root
|
parent
[–]
Which signature?
mjg59
on June 16, 2023
|
root
|
parent
[–]
The signature that's validated by secure boot. If you don't have secure boot turned on then there's no point in verifying PCR 7, because all PCR 7 contains is the secure boot data.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
