← Back to context

Comment by AdieuToLogic

6 days ago

> Software bugs can put the system in to a bad state which can be abused by malware, but none of it can persist through a reboot since everything is checked and measured from scratch during the boot.

This does not account for supply chain attacks nor trojan attacks which seek consensual installation. A reboot will not eradicate these threat vectors.

It relies on your software to be properly sandboxed and permissioned.

What we have seen is state funded hacking groups can often exploit bugs which break out of sandboxes and embed themselves in the system. But the malicious code only exists in memory, it can’t persist between reboots because the next boot would fail the checksum and signature checks.

Which is why security focused OSs will periodically reboot themselves to flush out possible malware and why jailbreaks and hacks for phones and game consoles usually have to be reinitiated after every boot.

MacOS has a few measures including SIP and boot chain security to implement this, though it’s currently hard to set up a properly secure Linux desktop.

  • > It relies on your software to be properly sandboxed and permissioned.

    And organizations rely on their employees not falling for phishing email. How well has that worked?

    > What we have seen is state funded hacking groups can often exploit bugs which break out of sandboxes and embed themselves in the system. But the malicious code only exists in memory, it can’t persist between reboots because the next boot would fail the checksum and signature checks.

    "Malicious code existing only in memory" is patently false by not addressing supply chain attacks previously mentioned. To wit, the npm left-pad attack[0]. See also the thousands of PHP CVEs.

    0 - https://en.wikipedia.org/wiki/Npm_left-pad_incident

    • This is true, which is why it's extremely hard to create a secure linux desktop today. But things are moving in the right direction, if you use Wayland + Flatpak on a immutable OS with secureboot set up you are in a much better position than a standard distro.