From mboxrd@z Thu Jan  1 00:00:00 1970
Date: Thu, 21 Jul 2005 08:13:33 -1000
From: Tim Newsham <newsham@lava.net>
To: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu>
Subject: Re: [9fans] First-timer help
In-Reply-To: <4878.1121962344@piper.nectar.cs.cmu.edu>
Message-ID: <Pine.BSI.4.61.0507210809280.22407@malasada.lava.net>
References: <4878.1121962344@piper.nectar.cs.cmu.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Topicbox-Message-UUID: 6dc38b10-ead0-11e9-9d60-3106f5b1d025

>> Yah, now you're just trusting the bios, the local disk (if any)
>> and the network.  Much more secure ;-)
>
> If you can't trust the BIOS, you can't trust *anything* about
> the machine.

The original thread mentioned false login screens that people
can leave running in unix.  What I meant to imply (perhaps too
subtly) was that you can configure the BIOS to boot a malicious
plan9 kernel (by adjusting bios parameters, by leaving a
boot block on the disk, or by interposing on the network boot
process).  Rebooting the machine does not necessarily give you
strong assurances against trojan login screens.  (Of course
it can, if configured properly -- ie trusted booting of signed
binaries).

Sure you can put a tiny cdr into the drive, but what if the
bios doesn't even boot the cdr (or refuses to, and has a password).
What if it boots the hard drive while making it look like its
booting the CDR?

> Dave Eckhardt

Tim Newsham
http://www.lava.net/~newsham/