@dangoodin Physical threat model is a separate concern, to me anyway. Though I can't think how an "evil maid" would succeed undetected vs various boot chain checks (incl open source ones like Qubes' anti-evil-maid; IIRC a fw boot logo would have to be included in both the sealing and measurement process).
Remote threats to a regular OS are a very big concern with something like this, because 1) typical OS protections are weak due to the kernel being very complex (just one priv escalation and they've got into your firmware), 2) an online system means many hours and avenues of opportunity throughout each day, and 3) it's a high value exploit because it's so privileged and hard to detect or remedy. Putting a VM breakout requirement in their way is a game changer, IMO. #sanity
As for this particular class of exploit, malformed images, a permanent fix may be possible with an update including a setting to disable custom images, or perhaps a better parser that is formally verified. But you still have to wonder what else the fw may be parsing insecurely.
@dangoodin I think this shows a critical difference in boot protection schemes:
Anti-evil-maid makes the system validate itself to the user. If anything loaded up to that point doesn't match what was used to seal the all-clear phrase, then nothing the malware does will be able to cryptographically unseal the phrase. In a sense it doesn't matter if malware was loaded, as long as the user is diligent enough to watch for the phrase. That's a significant payoff for a small amount of extra effort!
Secure Boot validates the fw to an absent authority (the OEM), so there can be no out-of-band check performed. This reminds me a lot of DRM's weaknesses.
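A toy version of the sealing argument in the post above, added here as an example that is not from the thread or from Qubes' anti-evil-maid code: each boot component, including the firmware boot logo mentioned earlier, is extended into a simulated PCR the way a TPM does it, and the all-clear phrase is sealed to the resulting value, so a changed logo or bootloader leaves the phrase unrecoverable. DEVICE_SECRET, the chain contents and the HMAC/SHAKE sealing are constructed stand-ins for what a real TPM does inside the chip.

```python
import hashlib
import hmac

# Constructed model of measured boot + sealing. A PCR extend is
# PCR_new = SHA-256(PCR_old || SHA-256(component)); the phrase is sealed
# to the final PCR with a key derived from a (constructed) device secret.

PCR_INITIAL = b"\x00" * 32               # PCRs are all-zeros at reset
DEVICE_SECRET = b"constructed-tpm-seed"  # stand-in for the TPM's internal secret

def extend(pcr, component):
    """One PCR extend: fold the component digest into the running PCR value."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_chain(components):
    """Measure the boot chain in load order (firmware, boot logo, bootloader, ...)."""
    pcr = PCR_INITIAL
    for component in components:
        pcr = extend(pcr, component)
    return pcr

def _key_for(pcr):
    return hmac.new(DEVICE_SECRET, pcr, hashlib.sha256).digest()

def seal(phrase, pcr):
    """Seal the phrase to a PCR value; returns (ciphertext, tag)."""
    key = _key_for(pcr)
    stream = hashlib.shake_256(key).digest(len(phrase))
    ciphertext = bytes(p ^ s for p, s in zip(phrase, stream))
    tag = hmac.new(key, ciphertext, hashlib.sha256).digest()
    return ciphertext, tag

def unseal(blob, pcr):
    """Return the phrase only if the current PCR matches the seal-time PCR, else None."""
    ciphertext, tag = blob
    key = _key_for(pcr)
    if not hmac.compare_digest(tag, hmac.new(key, ciphertext, hashlib.sha256).digest()):
        return None  # boot chain differs: nothing the loaded code does can unseal it
    stream = hashlib.shake_256(key).digest(len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))

# Constructed boot chains; the boot logo is measured alongside the firmware,
# so a swapped logo image changes the PCR just like a modified bootloader would.
GOOD_CHAIN = [b"firmware-v1", b"boot-logo.bmp", b"bootloader", b"kernel"]
TAMPERED_CHAIN = [b"firmware-v1", b"boot-logo-modified.bmp", b"bootloader", b"kernel"]

def demo():
    """Seal on the good chain, then try to unseal on both chains."""
    blob = seal(b"all clear", measure_chain(GOOD_CHAIN))
    return unseal(blob, measure_chain(GOOD_CHAIN)), unseal(blob, measure_chain(TAMPERED_CHAIN))
```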