Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

How does this defend against a the type of hardware-based attack discussed in the article?


The best guess I've heard is that this attack pulls down the BMC's SPI flash lines in order to corrupt its code as it's loaded.

A proper chain of trust that starts on the BMC chip could absolutely protect against that. At that point any modification to the boot image would leave the BMC refusing to boot rather giving attacker control.


The same way secure-boot provides protection against hardware modification / evil maid type attacks in CPUs today: by verifying the integrity of the code that's about to be booted before the CPU boots it.

It would significantly raise the cost and difficulty of this sort of attack.


> It would significantly raise the cost and difficulty of this sort of attack.

In my opinion, modifying the board layout with the additional chip and modifying the production process for the server boards stealthily already has a pretty high cost and difficulty.


> already has a pretty high cost and difficulty

That's true, but properly implemented secure boot could serve to increase it by an order of magnitude.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: