Questions tagged [boot]
"Booting" is the process of starting up a computer from the OFF state. This tag is for attacks and security measures relating to the startup routine of computer hardware, firmware, or operating systems.
109
questions
0
votes
0
answers
46
views
Why no press over GRUB 2.12rc? [closed]
I am trying to update my GRUB from 2.06 to 2.12 in order to take advantage of the new support for luks2 disk encryption, but I've noticed something strange. There's very very little discussion of 2.12 ...
0
votes
0
answers
29
views
The Boot Process - Sequence of Events, Boot Integrity Checks, and BitLocker OS Volume Encryption
Apologies if any of these questions have been answered previously. Also, apologies for the sheer number of questions asked here. I've done some digging, and have been unable to find a good resource ...
1
vote
1
answer
262
views
Why does Windows force you to do a mandatory restart once in a while? Apparently, its for 'security purposes.'
I haven't needed to restart my computer for a while now, as I just usually shut down when I'm finished, and then reboot when I use Windows again. I dual-boot, so of course I often restart to a ...
0
votes
1
answer
80
views
Why is the boot key used to access the encrypted SAM database hashes?
A quick something I’ve been wondering: why is the boot key used to access the encrypted SAM database hashes, (and not another key,) and also what encryption mechanism is actually used to encrypt the ...
1
vote
1
answer
166
views
Creating bootable USB from a compromised OS. Is it safe?
If we buy for instance a laptop with an OS pre-installed e.g. Ubuntu and but the original seller was not reputable and there are doubts with the preinstall.
My question is: if we use the laptop to ...
4
votes
1
answer
331
views
How does measured boot work using TPM
Within the measured boot process, consider a scenario where I aim to create a measurement for a specific piece of code, perhaps, for illustrative purposes, a potentially malicious operating system. so ...
1
vote
2
answers
129
views
Isolating encrypted and unecnrypted Windows installations and protecting the boot loader
I want to use my PC both for gaming and for stuff like keeping cryptocurrency wallets, online banking, etc. I need to install games as admin but of course I don't want them to be able to access my ...
2
votes
1
answer
471
views
In a secure boot bootloader chain, does a bootloader image contain the RootCA certificate of the next bootloader?
This is coming from Qualcomm's Secure Boot explanation.
https://www.qualcomm.com/content/dam/qcomm-martech/dm-assets/documents/secure-boot-image-authentication_11.30.16.pdf
Within it, it explains that ...
1
vote
0
answers
403
views
Using a TPM for host authentication during PXE boot
I have a stateless machine that is PXE booting from some host, and I'm curious if there is some clever way to achieve host authentication by only using the TMP (No UEFI Secure Boot).
For obvious ...
47
votes
2
answers
12k
views
Does rebooting a phone daily increase your phone's security?
Recently, the Australian Prime Minister Anthony Albanese gave some advice to regularly reboot your phone to boost its security.
Apparently this advice is somewhat commonly given to legislators. This ...
0
votes
1
answer
154
views
Will using a hard drive with the MBR virus cause the main system to be infected?
If I have an old hard drive and assume it has an MBR virus.
If I install it on my computer using a SATA cable as the D drive to store data, will my system drive (C drive) be affected by the MBR virus?
0
votes
1
answer
279
views
If I disable CSM (Compatibility Support Module) in UEFI settings, will it protect me from malware that infected MBR boot sector?
As far as I understand, when in CSM mode, UEFI boots using MBR boot sector (from internal hard drive, external USB Flash drive, etc). And when in non-CSM mode, UEFI ignores whole existence of MBR boot ...
1
vote
3
answers
585
views
Understanding FDE: Is the encrypted Linux protected against a compromised boot volume?
I use this initramfs-based FDE on my headless server. My motivation is to secure my system against physical tampering.
I am aware that securing an untrusted hardware is not possible. This question is ...
0
votes
1
answer
1k
views
Boot virus on GPT?
I remember that some rare viruses can hide in MBR(it's 512bytes space).
It's difficult to be detected and even if I reinstall operating system, the virus won't disappear.
But how about it on the new ...
2
votes
1
answer
231
views
How do you boot from the network using https?
How do you boot a Linux live image from a CDN using Https as boot protocol?
The reason for netbooting using a CDN would be to start fresh with a non persistent operating system image. Booting fresh ...