Questions tagged [boot]
"Booting" is the process of starting up a computer from the OFF state. This tag is for attacks and security measures relating to the startup routine of computer hardware, firmware, or operating systems.
108 questions
0
votes
0
answers
76
views
The Boot Process - Sequence of Events, Boot Integrity Checks, and BitLocker OS Volume Encryption
Apologies if any of these questions have been answered previously. Also, apologies for the sheer number of questions asked here. I've done some digging, and have been unable to find a good resource ...
1
vote
1
answer
312
views
Why does Windows force you to do a mandatory restart once in a while? Apparently, it's for 'security purposes.'
I haven't needed to restart my computer for a while now, as I just usually shut down when I'm finished, and then reboot when I use Windows again. I dual-boot, so of course I often restart to a ...
0
votes
1
answer
124
views
Why is the boot key used to access the encrypted SAM database hashes?
A quick something I’ve been wondering: why is the boot key used to access the encrypted SAM database hashes, (and not another key,) and also what encryption mechanism is actually used to encrypt the ...
1
vote
1
answer
198
views
Creating bootable USB from a compromised OS. Is it safe?
If we buy, for instance, a laptop with an OS pre-installed, e.g. Ubuntu, but the original seller was not reputable and there are doubts with the preinstall.
My question is: if we use the laptop to ...
4
votes
1
answer
740
views
How does measured boot work using TPM
Within the measured boot process, consider a scenario where I aim to create a measurement for a specific piece of code, perhaps, for illustrative purposes, a potentially malicious operating system. So ...
1
vote
2
answers
146
views
Isolating encrypted and unencrypted Windows installations and protecting the boot loader
I want to use my PC both for gaming and for stuff like keeping cryptocurrency wallets, online banking, etc. I need to install games as admin but of course I don't want them to be able to access my ...
2
votes
1
answer
641
views
In a secure boot bootloader chain, does a bootloader image contain the RootCA certificate of the next bootloader?
This is coming from Qualcomm's Secure Boot explanation.
https://www.qualcomm.com/content/dam/qcomm-martech/dm-assets/documents/secure-boot-image-authentication_11.30.16.pdf
Within it, it explains that ...
2
votes
1
answer
571
views
Using a TPM for host authentication during PXE boot
I have a stateless machine that is PXE booting from some host, and I'm curious if there is some clever way to achieve host authentication by only using the TPM (No UEFI Secure Boot).
For obvious ...
48
votes
2
answers
13k
views
Does rebooting a phone daily increase your phone's security?
Recently, the Australian Prime Minister Anthony Albanese gave some advice to regularly reboot your phone to boost its security.
Apparently this advice is somewhat commonly given to legislators. This ...
0
votes
1
answer
177
views
Will using a hard drive with the MBR virus cause the main system to be infected?
If I have an old hard drive and assume it has an MBR virus.
If I install it on my computer using a SATA cable as the D drive to store data, will my system drive (C drive) be affected by the MBR virus?
0
votes
1
answer
330
views
If I disable CSM (Compatibility Support Module) in UEFI settings, will it protect me from malware that infected MBR boot sector?
As far as I understand, when in CSM mode, UEFI boots using MBR boot sector (from internal hard drive, external USB Flash drive, etc). And when in non-CSM mode, UEFI ignores whole existence of MBR boot ...
1
vote
3
answers
676
views
Understanding FDE: Is the encrypted Linux protected against a compromised boot volume?
I use this initramfs-based FDE on my headless server. My motivation is to secure my system against physical tampering.
I am aware that securing an untrusted hardware is not possible. This question is ...
0
votes
1
answer
1k
views
Boot virus on GPT?
I remember that some rare viruses can hide in MBR (it's 512 bytes of space).
It's difficult to be detected and even if I reinstall operating system, the virus won't disappear.
But how about it on the new ...
2
votes
1
answer
265
views
How do you boot from the network using HTTPS?
How do you boot a Linux live image from a CDN using HTTPS as boot protocol?
The reason for netbooting using a CDN would be to start fresh with a non persistent operating system image. Booting fresh ...
1
vote
1
answer
205
views
Is it possible to allow only a certain secure USB boot media to boot a UEFI system?
I want to restrict all USB boot media from my system, except for a certain USB boot drive that I declare secure via a certain key.
Is this possible using UEFI/Secure Boot/TPM? Maybe via TPM? TPM gets ...
0
votes
1
answer
281
views
OS on external drive -- is it safe?
So I'm installing macOS to my external hard drive partition, so I can have a 100% clean environment where I can engage with cryptocurrencies. (Exchanges, stable coins, protocols, putting actual money ...
1
vote
0
answers
243
views
Is grub implementation of secure boot inherently flawed?
Definitions
Grub is the second stage bootloader often found in Linux distributions.
shim is the first bootloader run by the ROM firmware. It is signed by Microsoft.
ROM firmware is the code embedded ...
0
votes
1
answer
438
views
Microsoft site ISO download flagged by Defender as hacktool while creating bootable USB through Rufus [closed]
ISO of 32 bit Windows 10 Professional English version downloaded from Microsoft's website by using Chrome's developer tools to spoof a ChromeOS signature, so as to avoid using Microsoft's download ...
3
votes
1
answer
3k
views
Are there any Linux distributions with enabled TPM2 and full disk encryption setups
I have been searching the web to find a Linux distribution, preferably a rolling release one as I'm otherwise hooked on the concepts in Arch Linux, with automated steps to set up full disk encryption (...
0
votes
0
answers
157
views
How to execute Android verified boot during first boot after updating OS in Android?
I need to execute AVB (Android verified boot) during first boot after updating Android OS. BOARD_AVB_ENABLE = true is already present in the mk file device/hikey/common/BoardConfigCommon.mk in the ...
15
votes
6
answers
8k
views
What's stopping someone from copying my HDD/SSD?
Let's say I have to leave my computer unattended and turned off for a while with some strangers, is it possible for someone to clone my HDD and SSD data?
1
vote
1
answer
2k
views
Will encrypting a dual boot OS prevent viruses from spreading between the two?
Will encrypting a dual boot OS prevent viruses from spreading between the two? Also does Linux have any MBR viruses? Will locking the BIOS in Windows and GRUB stop viruses from attaching and ...
1
vote
1
answer
306
views
Is it easy to create persistent programs that run before Android's boot? (in firmware maybe)
I've been wondering about which level of trust I can apply to a used phone bought from someone else. I can easily unlock the bootloader and flash a brand new Android. However, what about firmware ...
1
vote
0
answers
123
views
Aren't these "new" self-programmable gaming mouses a new security threat? [duplicate]
I have recently bought one of the recent "best" USB gaming mouses out there. The thing that is bothering that the marketing material says it contains a self-programmable computer embedded in ...
1
vote
0
answers
230
views
Entered FDE password in GRUB by mistake
For several reasons (I have an external monitor, etc.) when I booted the laptop I typed the FDE (Full Disk Encryption on Linux, LUKS) without looking at the monitor, and I ended up typing the full ...
4
votes
1
answer
412
views
Why does openSUSE sporadically prompt during boot to trust its built-in certificate?
The conundrum
My wife’s laptop has been running openSUSE Leap 15.0 for several years, and she has once or twice been flummoxed by this prompt at the very beginning of the boot sequence, most recently ...
-1
votes
1
answer
1k
views
Booting from an external drive on work laptop (privacy)
Hi guys the company I work for gave me an awesome laptop but I don't want them to spy on my personal activities (they have lots of Spyware and security).
I am, however, able to boot from an external ...
2
votes
1
answer
834
views
Understanding Secure Boot
I'm trying to understand the secure boot process of an OS but there are few points I can't wrap my head around.
At a high level, afaik, secure boot ensures that the loaded OS is authenticated by its ...
0
votes
1
answer
4k
views
What is difference running Linux by live USB vs. by VirtualBox?
Can an expert please explain me which of following three methods working with an OS is technically considered more "secure" - and why (pros/cons)?
Security I mean aspects like:
-preventing any ...
1
vote
1
answer
3k
views
Why authenticated boot not Secure boot?
Context: Secure boot is one of the important elements of Trusted Computing in computer systems. One variety of Secure boot is authenticated boot. While secure boot prevents the boot of a non trusted ...
0
votes
3
answers
1k
views
Why after dd'ing ISO file to entire USB flash device, only the first partition match the ISO checksum? [closed]
I use dd to "burn" an ISO file to USB stick:
dd bs=4M if=/mnt/media/ISO/Fedora-Workstation-Live-x86_64-31-1.9.iso of=/dev/sdd conv=fdatasync status=progress
Now I can see several partitions have ...
0
votes
1
answer
218
views
TrueCrypt "silently" updated bootloader
I have just updated TrueCrypt from version 7.1a to 7.2. Upon next system restart I have noticed that bootloader was updated as well, because it now shows message about TrueCrypt being not safe.
There ...
1
vote
1
answer
601
views
Preventing boot from USB on Dell Inspiron 5559
So what I am looking for is a way to prevent anyone from booting from a USB drive on this specific Dell Inspiron 5559.
So normally what I would have to do is to set an Admin password in BIOS that ...
1
vote
1
answer
2k
views
Requiring hardware key at boot-up on normal laptop
I am sure that a question like this already exists and has probably been answered. I just couldn't find any results (probably due to my inability to word my question correctly).
We use laptops at ...
2
votes
1
answer
827
views
Is it a security concern to publish the current boot_id?
On Linux, a machine comes with a machine_id.
From the man page, it is said to be considered as "confidential" and must not be exposed to untrusted parties.
Should the boot_id (from /proc/sys/kernel/...
2
votes
1
answer
388
views
What can a compromised firmware (UEFI) do after the hard-disk has been wiped?
I might be mistaken, but it seems the firmware (UEFI) needs to load some stuff from the disk to be able to do anything really interesting, like loading some advanced tools or loading the OS. Yet ...
-1
votes
2
answers
399
views
USB bootable CD protect against rootkits?
I have an infected computer, which I am trying to diagnose. The attack is probably very sophisticated, and I am not yet sure whether this has happened in the BIOS, MBR, active partition or any other ...
3
votes
2
answers
399
views
What program can Decrypt a specific Folder/Files during Windows Boot/Loading? (Windows)
I've been looking into Encryption of my data for some time now; I've decided to move ahead with VeraCrypt for encryption all of my partitions (I have 2 disks in 1 laptop) except for the OS (C:) ...
2
votes
1
answer
517
views
Why are pins required on boot on devices with fingerprint readers? [duplicate]
Both my iPad and my Android phone are configured to allow access via either a pin, or a fingerprint scan. However, immediately after a reboot, neither device allows a fingerprint for the first unlock; ...
1
vote
2
answers
889
views
Can a laptop be monitored when booted from external drive?
If a laptop is monitored (say from employer) and I boot it from an external USB hard drive or a LIVE-CD/USB-Stick, can it then still be monitored somehow?
0
votes
1
answer
292
views
Security/Privacy OS With Boot On Thumbdrive
I am looking for a security-centered Linux OS that allows you to take the /boot partition on a thumb-drive to alleviate concerns of Evil Maid Attacks! What OS is it easy to remove the /boot ...
2
votes
2
answers
740
views
Can malware migrate between OSes on the same machine?
Someone here at work just made an interesting claim; they stated that it's possible for malware, launched in e.g. Windows, to remain in RAM through a reboot and continue working in Linux on the ...
2
votes
1
answer
1k
views
using secure boot in embedded systems
The whole idea about using Secure Boot in Embedded Systems to boot an operating system is new to me. I've never paid much attention to it previously. I just know that it prevents the loading at start-...
1
vote
2
answers
1k
views
Android OS verity signature bypass
I am just getting into custom firmware and rooting phones.
I have a phone that appears to be unrootable for whatever reason due to a locked bootloader. The private key was never released and we only ...
1
vote
1
answer
186
views
Can a Windows program compromise the desktop hardware without giving administrator rights?
If I run a program on a Windows 10 machine, can the program install a virus on an attached USB drive, and can it install a virus into the firmware of the computer to be loaded before the OS/bootloader?...
1
vote
2
answers
853
views
Can dual-boot, encrypted Windows 7 installations be fairly well secured against each other?
We have a corporate network where remote workers connect via encrypted laptops (Windows 7) using VPN (Cisco AnyConnect client), log into the Windows domain and access their network shares, Outlook e-...
1
vote
1
answer
565
views
Verifying that the CRTM is read-only for the purpose of trusted computing
When using a TPM to provide integrity measurements for a system via SRTM, the trusted computing base is reduced to only the TPM and CRTM. The CRTM is a component of the BIOS (specifically the ...
5
votes
2
answers
3k
views
securing Ubuntu bootloader using TPM
I am currently working with Ubuntu 16.04, with an Intel CPU that supports TPM2 module.
I am trying to harden my boot-loader, I tried using trustedgrub2 fork that supports TPM2, I understand that ...
5
votes
2
answers
4k
views
Is Secure Boot really Secure?
I found the concept of Secure Boot quite intriguing.
I can't say that I know much about it because I don't but I believe I understand the main concept of it.
Secure Boot verifies the signature of the ...
2
votes
1
answer
2k
views
Can malware have its own GRUB/boot-loader and use it to be active?
I use Ubuntu 16.04. After I mounted an ISO which may or may not have had malware in it, my system sometimes ends up showing a blank screen after logging into Ubuntu or reboots a minute or two after I ...