The most useful quote to those familiar with the linux boot process:
“An attacker would need to be able to coerce a system into booting from HTTP if it’s not already doing so, and either be in a position to run the HTTP server in question or MITM traffic to it,” Matthew Garrett, a security developer and one of the original shim authors, wrote in an online interview. “An attacker (physically present or who has already compromised root on the system) could use this to subvert secure boot (add a new boot entry to a server they control, compromise shim, execute arbitrary code).”
If an attack needs root then it doesn’t matter. Your box is toast anyway. If you’re using http boot without verification then you should have seen a MITM attack coming.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@lemmy.world
This is a most excellent place for technology news and articles.
The most useful quote to those familiar with the linux boot process:
If an attack needs root then it doesn’t matter. Your box is toast anyway. If you’re using http boot without verification then you should have seen a MITM attack coming.
I only let attackers with root privileges execute arbitrary code on my guest WiFi so I’m good.
Can I use it to root my unlockable boot loader android 9 phone ?