9fans - fans of the OS Plan 9 from Bell Labs
From: Tim Newsham <newsham@lava.net>
To: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu>
Subject: Re: [9fans] First-timer help
Date: Thu, 21 Jul 2005 08:13:33 -1000
Message-ID: <Pine.BSI.4.61.0507210809280.22407@malasada.lava.net>
In-Reply-To: <4878.1121962344@piper.nectar.cs.cmu.edu>

>> Yah, now you're just trusting the bios, the local disk (if any)
>> and the network.  Much more secure ;-)
>
> If you can't trust the BIOS, you can't trust *anything* about
> the machine.

The original thread mentioned false login screens that people
can leave running in unix.  What I meant to imply (perhaps too
subtly) was that you can configure the BIOS to boot a malicious
plan9 kernel (by adjusting bios parameters, by leaving a
boot block on the disk, or by interposing on the network boot
process).  Rebooting the machine does not necessarily give you
strong assurances against trojan login screens.  (Of course
it can, if configured properly -- i.e. trusted booting of signed
binaries).

Sure you can put a tiny cdr into the drive, but what if the
bios doesn't even boot the cdr (or refuses to, and has a password)?
What if it boots the hard drive while making it look like it's
booting the CDR?

> Dave Eckhardt

Tim Newsham
http://www.lava.net/~newsham/

