TL;DR systemd automounts some useless EFI fw pseudo-fs that makes rm -rf / brick your motherboard. https://twitter.com/joernchen/status/693065577284374528 …
@CopperheadSec The bootloader should not be exposed to any input at all except the drive containing the kernel it's loading.
@RichFelker The kernel it's loading is untrusted input with verified boot though. It prevents persistent compromise on ChromeOS and Android.
@RichFelker They are really careful about updating the bootloader though. They have 2 sets of bootloader partitions so they can swap them.
@RichFelker At least LG does it that way: https://android.googlesource.com/device/lge/bullhead/+/android-6.0.1_r10/releasetools.py#136 …. Not sure if the Nexus Player (x86_64) and Chromebooks are that careful...
@RichFelker Why it's important: recovery updates OS, OS updates recovery, so root can write recovery and bootloader needs to verify on boot.
@RichFelker The boot partition (kernel, init) can just be read-only from within the OS but not recovery and recovery could be compromised.