this post was submitted on 07 Dec 2023
639 points (87.3% liked)

Linux

48640 readers
1397 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 9 points 1 year ago (1 children)

Secure Boot is just Bootloader Signature Enforcement controlled by M$, it's not gonna prevent Superfish 2.0 from happening.

Unfortunately, I don't have a coreboot-able system. When I move out I'll make that a priority.

[–] [email protected] 3 points 1 year ago (1 children)
[–] [email protected] 1 points 1 year ago (1 children)

I never bought my current machines. Funnily enough, they don't show any logos on bootup, (Windows Boot Manager is smth else)

[–] [email protected] 1 points 1 year ago (2 children)

The vulnerability actually isn’t in Windows Boot Manager, it’s a flaw in the image-parsing code of the UEFI itself. That’s why it’s able to bypass SecureBoot.

It just happens that for whatever reason you can easily update the image file from within Windows/Linux itself. The fact they don’t show a logo currently does not mean you’re immune, as the system might just be showing a black screen at that point. Code can be injected into an image file without perceptibly affecting the image output, so you’d likely be able to use a “black screen” logo. If your computer has a UEFI instead of a BIOS, which is pretty much everything from the last 10yrs, then you are more than likely at risk.

My computer likely isn’t susceptible, and that’s because it’s a Dell workstation. While the bug still exists in the image parser, Dell has locked things down so it’s pretty much impossible to change the boot logo from userspace.

[–] [email protected] 1 points 1 year ago

Yes, IK WBM is not the problem here. My systems don't show a logo at all, and they don't have a "hide logo" options.

[–] [email protected] 1 points 1 year ago (1 children)

FWIW, some firmware allow changing it during the update procedure. I remember having to update my ThinkPad's firmware and it had that option.

[–] [email protected] 1 points 1 year ago

That’s valid, I looked into it with Dell and later articles have mentioned they aren’t susceptible.