Linux - Hardware This forum is for Hardware issues.
12-06-2023, 01:12 PM  #1
LQ Guru | Registered: Feb 2003 | Location: Virginia, USA | Distribution: Debian 12 | Posts: 8,370
UEFIs booting Windows and Linux devices can be hacked
There is a new security threat against every computer that uses UEFI.
https://arstechnica.com/security/202...rmware-attack/
Can the threat be avoided by switching to legacy BIOS?
Last edited by jailbait; 12-06-2023 at 01:15 PM.
12-06-2023, 03:05 PM  #2
LQ Guru | Registered: Jul 2003 | Location: Birmingham, Alabama | Distribution: SuSE, RedHat, Slack, CentOS | Posts: 27,397
Quote:
Originally Posted by jailbait
The security threat that's a proof of concept, developed by researchers??? Probably not, since the article specifically outlines how it works. And that the vulnerable systems have already been identified and patches are rolling out to counter it. From the article itself:
Quote:
Originally Posted by Article
The affected parties are releasing advisories that disclose which of their products are vulnerable and where to obtain security patches.
Lots of proof-of-concept attacks are out there...hardly any ever make it 'into the wild', because they're just too clunky to deploy, as this one is. Because in order for this to work, you'd have to update your existing BIOS with one that has the exploit in it.
So yes...if you're going to download an update to your system from some sketchy third party without verification and shove it on your system, it could work.
12-06-2023, 03:21 PM  #3
Senior Member | Registered: Feb 2011 | Location: Massachusetts, USA | Distribution: Fedora | Posts: 4,249
Need to start pushing vendors to use open source firmware. https://www.coreboot.org/users.html
12-06-2023, 03:43 PM  #4
LQ Guru | Registered: Apr 2010 | Location: Continental USA | Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro | Posts: 6,043
Quote:
Originally Posted by smallpond
Most users never install firmware updates anyway (though they really should), but that would be a good start. Making them load as a boot option (ala Dell laptops) would also help and would make them OS agnostic.
12-06-2023, 06:29 PM  #5
Senior Member | Registered: Sep 2004 | Distribution: slackware | Posts: 4,726
Quote:
Originally Posted by TB0ne
The security threat that's a proof of concept, developed by researchers???
Exactly.
From the article: "There are several ways to exploit LogoFAIL. Remote attacks work by first exploiting an unpatched vulnerability in a browser, media player, or other app and using the administrative control gained to replace the legitimate logo image processed early in the boot process with an identical-looking one that exploits a parser flaw. The other way is to gain brief access to a vulnerable device while it’s unlocked and replace the legitimate image file with a malicious one."
Breaking that down:
1. It requires administrator level access to your machine.
2. To obtain administrator level access to your machine, it needs: "an unpatched vulnerability in a browser, media player, or other app."
Those are high bars to jump over, particularly in this day & age.
Under Linux, you can prevent this by not using the root account for day-to-day tasks. On Windows, you can achieve a similar result by setting up a 'standard user' account for yourself... but almost nobody does that.
There are other reasons to not be worried about this, too, but I don't have time to write them all out because I've got work to do.
12-07-2023, 12:16 PM  #6
Member | Registered: Jul 2003 | Location: NY | Distribution: Slackware, Termux | Posts: 952
If I'm reading this correctly, an attacker needs read/write access to the ESP, something only root has. Then, you have to download and install a compromised image (as in picture), and hope a vulnerable EFI loader parses it to launch the attack. In short, you have to do a part firmware update, assuming you even had a logo to begin with, for a compromised logo to be installed.
Looks like someone at Binarly wanted to justify almost a year's worth of work and Arstechnica ran with this hair-on-fire story.
12-07-2023, 01:54 PM  #7
Senior Member | Registered: Jan 2012 | Distribution: Slackware | Posts: 3,348
The story here is that the image processing code in numerous UEFI BIOSes contains vulnerabilities that can only be characterised as ridiculous.
I have a really hard time believing that the programmers of these supposedly secure systems just had no idea that you have to properly validate input data in order to prevent vulnerabilities of this kind. Either an awful lot of programmers at an awful lot of billion-dollar companies are completely incompetent, or this is (or rather, was) intended as a backdoor.
12-07-2023, 02:55 PM  #8
Senior Member | Registered: Feb 2007 | Location: UK | Distribution: Debian | Posts: 3,835
Profitability doesn't require competence, and there are only three BIOS vendors involved.
Not that I'd rule out a deliberate backdoor, but it really doesn't surprise me.
In addition to simply being the work of an average incompetent developer, I can easily imagine "display an image" being a task given to an intern who has yet to learn anything meaningful about security, and it could also be "here's a quick and dirty version to start with, we'll replace it before launch" that, once an arbitrary deadline approaches, a non-developer project manager declares as good enough.
12-21-2023, 04:23 PM  #9
Member | Registered: Jan 2016 | Location: Canada | Distribution: slackware and linux mint | Posts: 110
One must also consider other known exploits that are built in, like Intel vPro Active Management Technology or AMD PSP, that are touted as a "feature" that you should want: built-in back doors in your hardware, along with the telemetry-riddled buggy MS Windows variants. Also, Linus Torvalds was approached by intelligence operatives and asked to put backdoors into his kernel, and refused. Here you have a group of people (the intelligence community) that don't want to work too hard to do their jobs and end up making things less secure in the end, while positing that they are "just trying to protect you". From who, them? When these guys keep getting caught doing things nobody else would get away with, I start questioning the narrative.
Yeah, I did a search on this LogoFAIL exploit and found this thread, so I at least know the Linux community is looking at it, so that much is good. What do we have to do anyway, make our own hardware along with our software like Apple, so we can have more secure computers?
12-22-2023, 01:01 PM  #10
LQ Guru | Registered: Apr 2010 | Location: Continental USA | Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro | Posts: 6,043
Quote:
Originally Posted by boughtonp
Profitability doesn't require competence, and there are only three BIOS vendors involved.
Not that I'd rule out a deliberate backdoor, but it really doesn't surprise me.
In addition to simply being the work of an average incompetent developer, I can easily imagine "display an image" being a task given to an intern who has yet to learn anything meaningful about security, and it could also be "here's a quick and dirty version to start with, we'll replace it before launch" that, once an arbitrary deadline approaches, a non-developer project manager declares as good enough.
Which argues for the use of the FOSS BIOS alternatives. (See articles on coreboot, libreboot, osboot, heads for examples.)
12-22-2023, 11:25 PM  #11
Member | Registered: Jan 2016 | Location: Canada | Distribution: slackware and linux mint | Posts: 110
Do you seriously think these guys are going to want to give up their free lunch? And if they did, or we were able to wrest control of our hardware platforms from their lazy fingers, how long could we retain it anyway? Here is hoping (and I mean it) it will happen soon. Or maybe perhaps patch the vulnerable logo boot image with a vetted and safe one (or maybe a picture of your cat, I don't know); this might help. I for one don't even display a corporate logo, and that's good enough for me. Perhaps a Slackware logo would be nice; then at least we might be sure it's safe by doing some sort of security check on it at boot up as well.
12-23-2023, 01:58 PM  #12
LQ Guru | Registered: Apr 2010 | Location: Continental USA | Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro | Posts: 6,043
Quote:
Originally Posted by SunnyJim
Do you seriously think these guys are going to want to give up their free lunch? And if they did, or we were able to wrest control of our hardware platforms from their lazy fingers, how long could we retain it anyway? Here is hoping (and I mean it) it will happen soon. Or maybe perhaps patch the vulnerable logo boot image with a vetted and safe one (or maybe a picture of your cat, I don't know); this might help. I for one don't even display a corporate logo, and that's good enough for me. Perhaps a Slackware logo would be nice; then at least we might be sure it's safe by doing some sort of security check on it at boot up as well.
NOT the worst reason to use Open Source hardware and CPU with FOSS Firmware booting!
12-23-2023, 06:42 PM  #13
Member | Registered: Jan 2016 | Location: Canada | Distribution: slackware and linux mint | Posts: 110
As I said: "Perhaps a Slackware logo would be nice; then at least we might be sure it's safe by doing some sort of security check on it at boot up as well."
So the question remains: how do we do it? Or is this a question for the open-source firmware people?
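One way to do the boot-time check SunnyJim asks about in posts #11 and #13, and to catch the logo swap on the ESP that post #6 describes, as an added example that is not from this thread or from any firmware vendor: a small Python script that baselines the image files on a mounted ESP and, on later runs, flags anything that changed, appeared, vanished, or fails a basic BMP header check. The ESP layout (EFI/vendor/logo.bmp), the file patterns and the 4096-pixel limit are assumptions.

```python
"""Hypothetical integrity check for boot-logo images on the EFI System Partition (ESP).
Records SHA-256 hashes of image files in a manifest, reports files that changed, appeared
or vanished, and sanity-checks BMP headers. Paths and limits below are assumptions."""
import hashlib, struct, tempfile
from pathlib import Path

MAX_DIM = 4096  # assumed upper bound for a plausible boot-logo dimension

def bmp_looks_sane(data: bytes) -> bool:
    """Reject a bad magic, a size field that lies, or absurd dimensions (40-byte info header)."""
    if len(data) < 26 or data[:2] != b"BM":
        return False
    if struct.unpack_from("<I", data, 2)[0] != len(data):
        return False
    width, height = struct.unpack_from("<ii", data, 18)
    return 0 < width <= MAX_DIM and 0 < abs(height) <= MAX_DIM

def build_manifest(esp: Path, patterns=("*.bmp", "*.png", "*.jpg")) -> dict:
    """Map each image path (relative to the ESP) to its SHA-256; take this when known-good."""
    return {p.relative_to(esp).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for pat in patterns for p in esp.rglob(pat)}

def verify(esp: Path, manifest: dict) -> list:
    """Return (relative path, reason) findings; an empty list means nothing changed."""
    current = build_manifest(esp)
    findings = [(rel, "missing") for rel in manifest if rel not in current]
    for rel, digest in current.items():
        if rel not in manifest:
            findings.append((rel, "unexpected new image"))
        elif digest != manifest[rel]:
            findings.append((rel, "hash changed"))
        if rel.endswith(".bmp") and not bmp_looks_sane((esp / rel).read_bytes()):
            findings.append((rel, "malformed BMP header"))
    return findings

def make_bmp(width: int, height: int) -> bytes:
    """Constructed minimal 24-bit BMP (headers plus zeroed pixel rows)."""
    row = ((width * 3 + 3) // 4) * 4
    header = b"BM" + struct.pack("<IHHI", 54 + row * height, 0, 0, 54)
    info = struct.pack("<IiiHHIIiiII", 40, width, height, 1, 24, 0, row * height, 2835, 2835, 0, 0)
    return header + info + b"\x00" * (row * height)

def demo() -> list:
    """End-to-end run in a temporary directory standing in for a mounted ESP."""
    with tempfile.TemporaryDirectory() as tmp:
        logo = Path(tmp) / "EFI" / "vendor" / "logo.bmp"   # hypothetical path
        logo.parent.mkdir(parents=True)
        logo.write_bytes(make_bmp(64, 32))
        manifest = build_manifest(Path(tmp))               # baseline when known-good
        logo.write_bytes(make_bmp(64, 32)[:-1] + b"\x01")  # simulate a swapped logo
        (logo.parent / "extra.bmp").write_bytes(b"BM" + b"\x00" * 10)  # truncated junk
        return sorted(verify(Path(tmp), manifest))
```

Take the baseline from a known-good state and keep the manifest somewhere the ESP cannot overwrite; since this runs from the OS after the firmware has already parsed the image, it detects a swap before the next boot rather than stopping a vulnerable parser, which only the vendor's firmware update does.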