
Comment by arcfour

2 hours ago

So everyday users should be vulnerable to bootkits and kernel-mode malware...why, exactly? That is useful security. The fact that people do not pursue this type of malware very frequently is an effect of SB proliferation. If it were not the default then these attacks would be more popular.

Citation please.

There are so many vectors for malware, can't say I'm just going to accept this one on pure "because it's possible."

  • Citation for what? The existence of bootkits?

    Petya/NotPetya, Alureon, Carberp/Rovnix, Gapz, LoJax (firmware rootkit!).

    All of these attacks would be thwarted by SB (and in Petya's case, simply having UEFI enabled at all, since that was only for BIOS machines).

  • You're arguing for not wearing seatbelts because no evidence has been presented that anyone has ever been saved by wearing one. That's just stupid by refuting ubiquitously understood data and facts.

    SecureBoot ensures a valid, signed OS is installed and that the boot process generally hasn't been completely compromised in a difficult-to-mitigate manner. It provides a specific guarantee rather than universal security. Talking about "many vectors" has nothing to do with SecureBoot or boot-time malware.