[GLLUG] Am I over-reacting to this?
james.dutton at gmail.com
Thu Jan 16 10:06:02 UTC 2014
On 15 January 2014 23:47, Mike Brodbelt <mike at coruscant.org.uk> wrote:
> On 15/01/14 22:26, John Edwards wrote:
>> The key things are trust and reproducibility. Open source software can
>> be easily recompiled and compared to those distributed in binary form.
Not yet true. Each time you compile some software in Linux, the binary
might be different. Sometimes timestamps are included in the binary.
> Reproducibility is being worked on. Full stack trust is a *much* harder
> problem in today's ecosystem. It requires, at a minimum, a system with no
> firmware without both source and a method of verification that the installed
> binary images in flash come from that source. It's also far from
> inconceivable that the NSA would backdoor hardware by adding transistors or
> physical taps (like the modified ethernet transceivers that have been seen),
> so unless you can verify the design, and have confidence that the item you
> bought wasn't intercepted in transit and swapped for a compromised version,
> you still have a problem.
I think UEFI BIOS has made things worse in this area. UEFI is so large
and difficult to decompile.
I think the BIOS code would be much simpler if it was as small as
possible, and the user would install into flash their boot image. I.e.
vmlinuz and initrd.img
The BIOS would then only need the code to switch on the CPU, have a
hardware description table, and then load the next boot stage from
flash. The BIOS would also need a "recovery" mode to prevent bricking
of the motherboard. ARM-based mobile phones take this approach. It
only took me a few days to reverse engineer the entire boot ROM (irom)
of a Samsung ARM-based phone, mainly because it is so small.
On the other side of the coin, I cannot think of anything that I am
doing that could possibly interest the NSA. I think the biggest risk
is criminals finding out the backdoors/bugs and exploiting them.
What I would like to see is more openness from hardware manufacturers.
E.g. A motherboard manufacturer should publish a standards-based
computer readable description of their motherboard. I.e. Which CPU,
which interface chips, over-clocking registers etc.
The open source community could then write their own BIOS that used
the manufacturer's "description" to compile a BIOS that was certain to
boot that motherboard.
Maybe programmes like the one I am writing will help in this area, by
making it a lot easier to reverse engineer binary code.
Time will tell.
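
The timestamp problem raised at the top of this message, as an added example that is not part of the original post: a rebuild fails a naive hash comparison only because of an embedded build time, and passes once that time is pinned. The gzip container stands in for a toolchain that stamps its output; all function names, the payload and the build times are constructed for illustration.

```python
import gzip
import hashlib
import io
import struct

# Constructed stand-in for compiler output; not taken from any real build.
PAYLOAD = b"\x7fELF constructed object code " * 32

def build(payload: bytes, build_time: int) -> bytes:
    """Emit an artifact that, like many toolchains, embeds the build time.
    gzip stores it as a little-endian 32-bit MTIME at header offset 4."""
    buf = io.BytesIO()
    with gzip.GzipFile(filename="", fileobj=buf, mode="wb", mtime=build_time) as gz:
        gz.write(payload)
    return buf.getvalue()

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def diff_ranges(a: bytes, b: bytes) -> list:
    """Half-open (start, end) offset ranges where the two artifacts differ."""
    ranges, start, n = [], None, max(len(a), len(b))
    for i in range(n):
        same = i < len(a) and i < len(b) and a[i] == b[i]
        if not same and start is None:
            start = i
        elif same and start is not None:
            ranges.append((start, i))
            start = None
    if start is not None:
        ranges.append((start, n))
    return ranges

def embedded_time(artifact: bytes) -> int:
    """Read back the timestamp the build stamped into the artifact."""
    return struct.unpack_from("<I", artifact, 4)[0]

def verify_rebuild(distributed: bytes, payload: bytes) -> bool:
    """Rebuild with the timestamp pinned to the distributed artifact's value
    and compare digests; True only if the rebuild is bit-for-bit identical."""
    rebuilt = build(payload, embedded_time(distributed))
    return sha256(rebuilt) == sha256(distributed)

if __name__ == "__main__":
    vendor = build(PAYLOAD, 1389866400)   # constructed build times
    local = build(PAYLOAD, 1389870000)
    print("naive rebuild matches:", sha256(vendor) == sha256(local))
    print("differing offsets:", diff_ranges(vendor, local))
    print("pinned rebuild matches:", verify_rebuild(vendor, PAYLOAD))
    print("tampered payload matches:", verify_rebuild(vendor, PAYLOAD + b"X"))
```

Listing the differing offsets before comparing hashes separates a harmless timestamp mismatch from a difference in the code itself.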