> Hi Chris, 
>
> > On 06/22/2016 02:10 PM, Rusty Bird wrote: 
>
> >> Hi Marcin, 
> >> 
> >>> How would Anti Evil Maid detect BIOS/hardware modifications 
> >>> without sealing to PCR 0-3? By default it seals only to PCR 
> >>> 13,17,18,19. 
> >> PCRs 17-19 come from tboot, which uses Intel TXT to protect BIOS 
> >> etc. 
>
> > Based on what I've seen from BIOS updates not triggering AEM, I 
> > think this is a valid concern. It should at least be explained. 
>
> I'm out of my depth here -- maybe Joanna can provide an authoritative 
> response? -- but AFAIK a more correct phrasing would have been that 
> TXT is supposed to protect *from* the BIOS, i.e. to sanitize the early 
> boot state so as to remove the BIOS from the TCB. Which ITL have shown 
> it fails to really do; a malicious BIOS can circumvent AEM no matter if 
> the old approach (TrustedGRUB) or the new approach (TXT) is used. But 
> this might explain why a legit BIOS update does not necessarily change 
> the PCR measurements? 
>
> Rusty 
>
Isn't a malicious BIOS a threat even if you remove the BIOS from the TCB and 
don't use it to assure bootloader and OS integrity?
For example, can't a malicious BIOS capture keystrokes even if you protected 
your bootloader and OS with TXT?
Also note that
https://www.qubes-os.org/doc/security-guidelines/
states "AEM will inform you of any unauthorized modifications to your BIOS 
or boot partition".
I'm not sure AEM will indeed inform you of modifications to the BIOS, and if not, 
then the Security Guidelines are misleading, which is bad.

Marcin
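
The question at the top of the thread (how AEM could notice a BIOS change when it seals only to PCRs 13, 17, 18 and 19) comes down to which PCRs a change lands in versus which PCRs the secret is sealed against. The following is an added example, not code from the thread, from Qubes or from AEM: it parses TPM 1.2 PCR dumps in the `PCR-NN: ..` format the Linux TPM driver exposes under /sys/class/tpm/tpm0/pcrs, diffs a saved baseline against a current dump, and reports whether a change would be noticed by a given sealing set. The sealing set 13,17,18,19 is taken from the thread; the assumption that a firmware code change shows up in PCRs 0 and 1 (the SRTM firmware measurements) and a kernel/initrd change in PCR 19 is the standard TCG PC Client / tboot layout, used here only to construct the sample data, which is made up.

```python
"""Diff TPM 1.2 PCR dumps and check them against an AEM-style sealing set.

Added example (not from the qubes-devel thread or the AEM code). The PCR dump
format is the one the Linux TPM driver exposes under /sys/class/tpm/tpm0/pcrs
for TPM 1.2 devices: one line per register, "PCR-NN: <20 hex bytes>".
"""
import re

# Sealing set named in the thread as AEM's default.
AEM_SEAL_PCRS = frozenset({13, 17, 18, 19})

# Which boot stage extends which PCR. Assumption for this example, following the
# usual TCG PC Client (0-7, SRTM) and tboot/TXT (17-19, DRTM) layout; the exact
# contents of 17-19 depend on the tboot policy in use.
PCR_ROLES = {
    0: "firmware code (SRTM)", 1: "firmware configuration (SRTM)",
    2: "option ROM code", 3: "option ROM configuration",
    4: "boot manager code", 5: "boot manager configuration",
    13: "AEM secret PCR", 17: "TXT launch / SINIT (DRTM)",
    18: "tboot MLE (DRTM)", 19: "tboot-measured kernel and initrd (DRTM)",
}

PCR_LINE = re.compile(r"^PCR-(\d{2}):\s*((?:[0-9A-Fa-f]{2}\s*){20})$")


def parse_pcrs(text):
    """Return {pcr_index: 40-char lowercase hex digest} from a sysfs-style dump."""
    pcrs = {}
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = PCR_LINE.match(line)
        if not m:
            raise ValueError(f"unexpected PCR line: {line!r}")
        pcrs[int(m.group(1))] = m.group(2).replace(" ", "").lower()
    return pcrs


def changed_pcrs(baseline, current):
    """Indices whose digest differs from the baseline (missing counts as changed)."""
    return sorted(i for i in baseline if current.get(i) != baseline[i])


def report(baseline_text, current_text, seal_set=AEM_SEAL_PCRS):
    """Diff two dumps and say whether unsealing against seal_set would fail.

    'silent' lists changed PCRs outside the sealing set: modifications there
    leave the sealed secret unsealable, so AEM shows no warning for them.
    """
    changed = changed_pcrs(parse_pcrs(baseline_text), parse_pcrs(current_text))
    return {
        "changed": changed,
        "roles": {i: PCR_ROLES.get(i, "unassigned") for i in changed},
        "noticed_by_seal": any(i in seal_set for i in changed),
        "silent": [i for i in changed if i not in seal_set],
    }


# ---- constructed sample dumps (not real measurements) ----------------------
def _pcr_line(index, byte):
    return f"PCR-{index:02d}: " + " ".join([f"{byte:02X}"] * 20)


def constructed_dump(overrides):
    """24 PCRs of a TPM 1.2; everything not overridden reads as zeros."""
    return "\n".join(_pcr_line(i, overrides.get(i, 0x00)) for i in range(24)) + "\n"


GOOD_STATE = {0: 0x11, 1: 0x22, 2: 0x33, 3: 0x44, 13: 0xAA, 17: 0x71, 18: 0x72, 19: 0x73}
BASELINE = constructed_dump(GOOD_STATE)
# A firmware update: only the SRTM firmware measurements move.
AFTER_BIOS_UPDATE = constructed_dump({**GOOD_STATE, 0: 0x12, 1: 0x23})
# A kernel/initrd change under tboot: PCR 19 moves.
AFTER_KERNEL_CHANGE = constructed_dump({**GOOD_STATE, 19: 0x74})

if __name__ == "__main__":
    for name, cur in (("bios update", AFTER_BIOS_UPDATE), ("kernel change", AFTER_KERNEL_CHANGE)):
        print(name, report(BASELINE, cur))
    # Sealing additionally to 0-3 is what makes the firmware change visible.
    print("bios update, seal 0-3 too",
          report(BASELINE, AFTER_BIOS_UPDATE, seal_set=AEM_SEAL_PCRS | {0, 1, 2, 3}))
```

Run against real dumps by saving `cat /sys/class/tpm/tpm0/pcrs` before and after a firmware update and passing the two files' contents to `report()`; with the default sealing set the firmware-only change comes back as `silent`, which matches the observation in the thread that BIOS updates did not trigger AEM. Whether a given BIOS update actually moves PCR 0-3 depends on the firmware, which is exactly what the check is for.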
