From 1ca7930ae8205889ec7ec110221f887423fcaa49 Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Wed, 15 Oct 2025 01:14:00 -0500 Subject: [PATCH 01/29] update(blog)!: Add Secure Boot Explained Article --- blog/posts/secure-boot.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 blog/posts/secure-boot.md diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md new file mode 100644 index 000000000..01f90f9dd --- /dev/null +++ b/blog/posts/secure-boot.md @@ -0,0 +1,18 @@ +--- +date: + created: 2025-05-19T20:15:00Z +categories: + - Explainers +authors: + - fria +tags: + - Secure Boot + - Measured Boot +preview: + cover: +--- + +# Secure Boot Explained + +You may have heard of something called Secure Boot, but what is it and what does it actually do? + From 0a24da9149c1fdf86cefc7b3d3e844f086b4e92e Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Wed, 15 Oct 2025 15:32:08 -0500 Subject: [PATCH 02/29] add firmware --- blog/posts/secure-boot.md | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 01f90f9dd..17573d242 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
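Review bot: In the front matter of the new file, `created: 2025-05-19T20:15:00Z` predates this commit (15 Oct 2025) by five months, and `cover:` under `preview:` is committed empty; set the creation date to the intended publication date and either fill in the cover image or drop the `preview:` block rather than leaving an empty key. The subject line `update(blog)!:` marks a breaking change in conventional-commit style, which a new article is not; `feat(blog):` or whatever type this repository uses for new posts fits better.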
@@ -8,11 +8,35 @@ authors: tags: - Secure Boot - Measured Boot + - Verified Boot preview: cover: --- # Secure Boot Explained -You may have heard of something called Secure Boot, but what is it and what does it actually do? +More and more devices are internet-enabled these days, which means the possiblity of malware. A lot of focus goes into securing the software running on our devices, but even if our operating systems are secure, if the lower level firmware that controls our hardware is compromised it's essentially all for naught. +## What is Firmware? + +In order for your hardware to function, it oftentimes needs small programs embedded directly into it, called [firmware](https://en.wikipedia.org/wiki/Firmware). + +Firmware provides low-level control for your hardware and allows the operating system to control it. The name comes from the fact that it's in between hardware and software; it's not executing CPU instructions, but it's a running program nonetheless. + +Almost chip in every device you own runs firmware, from the WiFi chip to the CPU to the GPU and even the motherboard itself. Most of these devices store their firmware in non-volatile memory that can be flashed, or rewritten with new data. A lot of the time, it can be flashed from the operating system, without needing any special equipment. + +This is desirable since older firmware can have vulnerabilities that need to be patched, which is especially important for connected devices that could be remotely exploited. Being able to easily patch firmware vulnerabilities through normal OS updates is essential for security on modern hardware that's so complex and feature-rich. + +However, it introduces a problem: if you can flash new firmware, an attacker can do the same. + +## Malware Persistence + +That makes any device, from your SSD to your graphics card to your sound card, a potential vector for infection. 
And once the firmware is infected, it will stay that way: remember, it's installed on the hardware itself, so it can survive a full OS wipe and reinstall. + +This isn't just theoretical: sophisticated malware has infected the firmware of devices like [hard drives](https://www.dailykos.com/story/2015/02/17/1364910/-Breaking-Kaspersky-Exposes-NSA-s-Worldwide-Backdoor-Hacking-of-Virtually-All-Hard-Drive-Firmware) to hide from detection and persist between reboots and OS reinstalls. + +If you think about the sheer number of devices in your computer, most made by different companies, the attack surface is huge. + +## UEFI + +In order to facilitate \ No newline at end of file From e33ec618ed8bcea7be9626be1ea615d2482f0b8d Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Fri, 24 Oct 2025 06:17:29 -0500 Subject: [PATCH 03/29] grammar --- blog/posts/secure-boot.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 17573d242..5d9145c45 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
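Review bot: In the "What is Firmware?" paragraph, "it's not executing CPU instructions, but it's a running program nonetheless" is wrong as stated: firmware is code executed by a processor, either the device's own controller or the main CPU (UEFI firmware itself runs on the CPU before the OS does). Suggest "it is code stored on the hardware itself rather than loaded from disk by an operating system". Also "possiblity" → "possibility" in the opening paragraph, and "Almost chip in every device" is missing "every" (fixed in the next commit; consider squashing). The hard-drive firmware link in "Malware Persistence" points to a Daily Kos post; the primary source is Kaspersky's 2015 Equation Group report, which is the better citation for a claim this strong. The file ends mid-sentence ("In order to facilitate") with no trailing newline, which is fine for a draft but should be resolved before the series is merged.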
@@ -23,7 +23,7 @@ In order for your hardware to function, it oftentimes needs small programs embed Firmware provides low-level control for your hardware and allows the operating system to control it. The name comes from the fact that it's in between hardware and software; it's not executing CPU instructions, but it's a running program nonetheless. -Almost chip in every device you own runs firmware, from the WiFi chip to the CPU to the GPU and even the motherboard itself. Most of these devices store their firmware in non-volatile memory that can be flashed, or rewritten with new data. A lot of the time, it can be flashed from the operating system, without needing any special equipment. +Almost every chip in every device you own runs firmware, from the Wi-Fi chip to the CPU to the GPU and even the motherboard itself. Most of these devices store their firmware in non-volatile memory that can be flashed, or rewritten with new data. A lot of the time, it can be flashed from the operating system, without needing any special equipment. This is desirable since older firmware can have vulnerabilities that need to be patched, which is especially important for connected devices that could be remotely exploited. Being able to easily patch firmware vulnerabilities through normal OS updates is essential for security on modern hardware that's so complex and feature-rich. From 4291becb14de938a2861c64b0d0a22591fd3964d Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Fri, 24 Oct 2025 07:20:18 -0500 Subject: [PATCH 04/29] add bios section --- blog/posts/secure-boot.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 5d9145c45..57b96b908 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
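Review bot: "possiblity" in the opening paragraph of the same file is the same class of typo as the one fixed here and could go in this grammar commit rather than a later one.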
@@ -37,6 +37,14 @@ This isn't just theoretical: sophisticated malware has infected the firmware of If you think about the sheer number of devices in your computer, most made by different companies, the attack surface is huge. +## BIOS + +In the late 1970's, the Basic Input/Output System was created for the [CP/M](https://www.digitalresearch.biz/CPM.HTM) operating system. It facillitated initializing and communication with hardware components other than the CPU. + +The [Intel 8080](https://en.wikipedia.org/wiki/Intel_8080) machines it was designed to run on were only 8-bit, to show how much more primitive the systems BIOS was designed for were. + +The original BIOS was contained in true Read-Only Memory baked into the motherboard, so it couldn't be changed without replacing the chip it was stored on. Machines back then weren't as madular and upgradeable as many modern PCs, and they mostly didn't have their own onboard firmware like they do now, so the BIOS could handle everything on its own. Any configuration you wanted to do on early BIOS had to be done using physical [DIP switches](https://en.wikipedia.org/wiki/DIP_switch), although later iterations would replace this with an BIOS setup utility controlled with a keyboard, similar to what we have on modern computers. + ## UEFI -In order to facilitate \ No newline at end of file +In order to facilitate the increasing complexity of firmware and components on the motherboard, \ No newline at end of file From aee95fe25b6b361cae7df7045ab6b621baea2a94 Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Fri, 24 Oct 2025 07:26:08 -0500 Subject: [PATCH 05/29] add more bios detail --- blog/posts/secure-boot.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 57b96b908..3da7c8886 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
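Review bot: Several typos and grammar points in the new BIOS section: "late 1970's" → "late 1970s"; "facillitated initializing and communication with" → "handled initialization of and communication with"; "madular" → "modular"; "an BIOS setup utility" → "a BIOS setup utility". The sentence "The Intel 8080 machines it was designed to run on were only 8-bit, to show how much more primitive the systems BIOS was designed for were" reads backwards; something like "To give a sense of how primitive these systems were: the Intel 8080 machines it was designed for were 8-bit" flows better. In the UEFI line, "facilitate the increasing complexity" should be "accommodate".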
@@ -45,6 +45,10 @@ The [Intel 8080](https://en.wikipedia.org/wiki/Intel_8080) machines it was desig The original BIOS was contained in true Read-Only Memory baked into the motherboard, so it couldn't be changed without replacing the chip it was stored on. Machines back then weren't as madular and upgradeable as many modern PCs, and they mostly didn't have their own onboard firmware like they do now, so the BIOS could handle everything on its own. Any configuration you wanted to do on early BIOS had to be done using physical [DIP switches](https://en.wikipedia.org/wiki/DIP_switch), although later iterations would replace this with an BIOS setup utility controlled with a keyboard, similar to what we have on modern computers. -## UEFI +For devices with onboard firmware, you typically had option ROMs, which were on physical expansion cards you bought and plugged into your motherboard. The BIOS would detect these and run them during the boot process. The BIOS would initialize each device one after another, so it would temporarily hand control over to these option ROMs and rely on them to hand back control when they were done. + +As you can imagine, the more devices you had, the more chances for something to go wrong and stop the boot from completing and the longer each boot would take. + +## EFI In order to facilitate the increasing complexity of firmware and components on the motherboard, \ No newline at end of file From 0fe5cba11cd71678fccd17f653a056ee673fbfec Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Fri, 24 Oct 2025 07:37:22 -0500 Subject: [PATCH 06/29] add UEFI --- blog/posts/secure-boot.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 3da7c8886..320098f26 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
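Review bot: The heading rename `## UEFI` → `## EFI` is reverted in the very next commit; squash the two so the rename churn does not land in history. In the option ROM paragraph, "it would temporarily hand control over to these option ROMs and rely on them to hand back control" is the security-relevant point of the whole section (unsigned third-party code running with full control before the OS exists) and deserves one explicit sentence saying so, since the later sections describe which components are verified at boot and this is the problem they answer.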
@@ -45,10 +45,10 @@ The [Intel 8080](https://en.wikipedia.org/wiki/Intel_8080) machines it was desig The original BIOS was contained in true Read-Only Memory baked into the motherboard, so it couldn't be changed without replacing the chip it was stored on. Machines back then weren't as madular and upgradeable as many modern PCs, and they mostly didn't have their own onboard firmware like they do now, so the BIOS could handle everything on its own. Any configuration you wanted to do on early BIOS had to be done using physical [DIP switches](https://en.wikipedia.org/wiki/DIP_switch), although later iterations would replace this with an BIOS setup utility controlled with a keyboard, similar to what we have on modern computers. -For devices with onboard firmware, you typically had option ROMs, which were on physical expansion cards you bought and plugged into your motherboard. The BIOS would detect these and run them during the boot process. The BIOS would initialize each device one after another, so it would temporarily hand control over to these option ROMs and rely on them to hand back control when they were done. +For devices with onboard firmware, you typically had option ROMs, which were on physical expansion cards you bought and plugged into your motherboard. The BIOS would detect these and run them during the boot process. The BIOS would initialize each device one after another, so it would temporarily hand control over to these option ROMs and rely on them to hand back control when they were done. As you can imagine, the more devices you had, the more chances for something to go wrong and stop the boot from completing and the longer each boot would take. 
-## EFI +## UEFI -In order to facilitate the increasing complexity of firmware and components on the motherboard, \ No newline at end of file +In order to facilitate the increasing complexity of firmware and components on the motherboard, Intel created the [Extensible Firmware Interface](https://www.intel.com/content/www/us/en/content-details/841643/basic-instructions-for-using-the-extensible-firmware-interface-efi-for-server-configuration-on-intel-server-boards-and-intel-server-systems.html). In 2005, the [UEFI Forum](https://uefi.org) was formed to make the standard more open and allow broader industry participation and development of the standard. \ No newline at end of file From ee89decd7ecf67b9f3bb058a40b3761887a202aa Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 05:37:48 -0500 Subject: [PATCH 07/29] add more uefi info --- blog/posts/secure-boot.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 320098f26..f55cb75f0 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
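Review bot: The first `-`/`+` pair in this hunk (the option ROM paragraph) is a whitespace-only change, apparently trailing whitespace; drop it from the diff or run the markdown linter so such changes do not appear as content edits. The "Extensible Firmware Interface" link goes to an Intel server-configuration instruction sheet rather than anything about EFI's origin; the UEFI Forum's specification or history page at uefi.org, already linked in the same sentence, is a better target. "In order to facilitate the increasing complexity" → "To accommodate the increasing complexity".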
@@ -51,4 +51,10 @@ As you can imagine, the more devices you had, the more chances for something to ## UEFI -In order to facilitate the increasing complexity of firmware and components on the motherboard, Intel created the [Extensible Firmware Interface](https://www.intel.com/content/www/us/en/content-details/841643/basic-instructions-for-using-the-extensible-firmware-interface-efi-for-server-configuration-on-intel-server-boards-and-intel-server-systems.html). In 2005, the [UEFI Forum](https://uefi.org) was formed to make the standard more open and allow broader industry participation and development of the standard. \ No newline at end of file +In order to facilitate the increasing complexity of firmware and components on the motherboard, Intel created the [Extensible Firmware Interface](https://www.intel.com/content/www/us/en/content-details/841643/basic-instructions-for-using-the-extensible-firmware-interface-efi-for-server-configuration-on-intel-server-boards-and-intel-server-systems.html). In 2005, the [UEFI Forum](https://uefi.org) was formed to make the standard more open and allow broader industry participation and development of the standard. + +UEFI defines a standard interface for communication between firmware and the operating system, as well as adding some improvements over BIOS. + +Some of these improvements include support for drives larger than 2 terabytes, support for graphical user interfaces in the setup utility with mouse support, support for initializing hardware devices in parallel instead of one after the other, significantly improving boot times, and support for running in 64 bit instead of 16 bit mode. + +Along with all of this, UEFI also supports Secure Boot, security feature that allows you to \ No newline at end of file From dd9094ba45dd878bf4e08f13496084081ef7df51 Mon Sep 17 00:00:00 2001 
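Review bot: "support for drives larger than 2 terabytes" should say where the limit comes from: the MBR partition scheme used with BIOS booting, which UEFI replaces with GPT; the 2 TB figure is the 512-byte-sector case. "64 bit instead of 16 bit mode" should be hyphenated as "64-bit" and "16-bit". The last line again ends mid-sentence, and "Secure Boot, security feature that allows you to" is missing the article "a".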
From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 06:47:07 -0500 Subject: [PATCH 08/29] add secure boot key chain graph --- blog/posts/secure-boot.md | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index f55cb75f0..7ac4e3023 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md @@ -57,4 +57,18 @@ UEFI defines a standard interface for communication between firmware and the ope Some of these improvements include support for drives larger than 2 terabytes, support for graphical user interfaces in the setup utility with mouse support, support for initializing hardware devices in parallel instead of one after the other, significantly improving boot times, and support for running in 64 bit instead of 16 bit mode. -Along with all of this, UEFI also supports Secure Boot, security feature that allows you to \ No newline at end of file +### Secure Boot + +Along with all of this, UEFI also supports Secure Boot, security feature that allows you to verify the firmware, bootloader, and OS hasn't been tampered with. + +Secure Boot relies on public key infrastructure (PKI) to validate these components. + +It uses key chaining, with the keys verifying the keys further down the chain. + +``` mermaid +graph LR + A[Platform Key] --> B[Key Exchange Key]; + B --> C[Signature Database]; + B --> D[Revoked Signature Database]; + E[Secure Firmware Update Key] +``` \ No newline at end of file From e17cc4dd2dcbf7548e837dd728d8594bf2c4947a Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 06:48:55 -0500 Subject: [PATCH 09/29] update key chain graph --- blog/posts/secure-boot.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 7ac4e3023..98a86e522 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
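Review bot: "verify the firmware, bootloader, and OS hasn't been tampered with" overstates what Secure Boot checks: the UEFI firmware is the component doing the verifying, not a verified one, and a later commit in this series says firmware updates are handled by a key "separate from Secure Boot"; say instead that it verifies the UEFI drivers and option ROMs, the bootloader, and the kernel the bootloader loads (with "haven't" for the plural). In the Mermaid graph, the node `E[Secure Firmware Update Key]` has no edges and nothing in the text yet explains it; either connect it or introduce it in prose first. The node labels should carry the variable names the prose uses later (PK, KEK, db, dbx) so a reader can match "The PK acts as the root of trust for the KEK" to the diagram.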
@@ -67,8 +67,8 @@ It uses key chaining, with the keys verifying the keys further down the chain. ``` mermaid graph LR - A[Platform Key] --> B[Key Exchange Key]; - B --> C[Signature Database]; - B --> D[Revoked Signature Database]; + A[Platform Key] -Sign-> B[Key Exchange Key]; + B -Sign-> C[Signature Database]; + B -Sign-> D[Revoked Signature Database]; E[Secure Firmware Update Key] ``` \ No newline at end of file From 037f3050830db176420b48f0ab93de1a3ff60513 Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 06:50:23 -0500 Subject: [PATCH 10/29] add explanation --- blog/posts/secure-boot.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 98a86e522..0c0f41c4f 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md @@ -71,4 +71,6 @@ graph LR B -Sign-> C[Signature Database]; B -Sign-> D[Revoked Signature Database]; E[Secure Firmware Update Key] -``` \ No newline at end of file +``` + +The PK acts as the root of trust for the KEK which in turn verifies both the signature database and revoked signature database. \ No newline at end of file From 5b850c4d272eba785392115afb49c44e821f316c Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 06:55:14 -0500 Subject: [PATCH 11/29] add more detail about secure boot --- blog/posts/secure-boot.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 0c0f41c4f..27051eb54 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
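Review bot: `A -Sign-> B` is not a valid Mermaid flowchart edge; the documented labelled forms are `A -->|Sign| B` or `A -- Sign --> B`, so this graph will fail to render as written. "Sign" is also slightly misleading for what the PK does: in UEFI, the PK's private key signs updates to the KEK variable (and the KEK signs updates to db and dbx); the keys do not sign each other's certificates as in a CA chain. A label such as "authorizes updates to" matches the "The PK allows updates to the KEK" wording used later in the series.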
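Review bot: The new sentence in the second hunk uses PK and KEK without having introduced the abbreviations; the Mermaid graph above spells out "Platform Key" and "Key Exchange Key" but never pairs them with PK and KEK, and "signature database" and "revoked signature database" should be tied to their UEFI variable names db and dbx, since those are the names readers will see in firmware setup and in tooling.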
@@ -73,4 +73,6 @@ graph LR E[Secure Firmware Update Key] ``` -The PK acts as the root of trust for the KEK which in turn verifies both the signature database and revoked signature database. \ No newline at end of file +The PK acts as the root of trust for the KEK which in turn verifies both the signature database and revoked signature database. They're all stored in non-volatile memory (NVRAM) so they can be erased and replaced with different keys if desired. + +The secure firmware update key is typically stored in such a way that it's non-writable and protected by hardware, that way in order to flash new firmware, you always need to verify that the firmware is signed by the OEM. This process is separate from Secure Boot. \ No newline at end of file From cc8248129af8b5c452f47704f224034b5b170bf3 Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 07:01:16 -0500 Subject: [PATCH 12/29] add more secure firmare update key info --- blog/posts/secure-boot.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 27051eb54..f593d7a7c 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
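Review bot: The secure-firmware-update paragraph has a comma splice and a misplaced subject: "protected by hardware, that way in order to flash new firmware, you always need to verify that the firmware is signed by the OEM" → "protected by hardware, so any new firmware image must be signed by the OEM before it can be flashed". Since the paragraph itself says this process is separate from Secure Boot, the `E[Secure Firmware Update Key]` node in the Secure Boot key graph above is out of place; drop it from the graph or label it as outside the chain. "so they can be erased and replaced with different keys if desired" should carry the qualifier that writes to these variables are authenticated (signed with the key above them in the chain), which is the property the following commits build on.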
@@ -75,4 +75,6 @@ graph LR The PK acts as the root of trust for the KEK which in turn verifies both the signature database and revoked signature database. They're all stored in non-volatile memory (NVRAM) so they can be erased and replaced with different keys if desired. -The secure firmware update key is typically stored in such a way that it's non-writable and protected by hardware, that way in order to flash new firmware, you always need to verify that the firmware is signed by the OEM. This process is separate from Secure Boot. \ No newline at end of file +The secure firmware update key is typically stored in such a way that it's non-writable and protected by hardware, that way in order to flash new firmware, you always need to verify that the firmware is signed by the OEM. This process is separate from Secure Boot. + +The design of UEFI Secure Boot allows for users to delete the keys all the way up to the PK and use their own keys if they want, so that's another reason the secure fimware update key is typically different than the PK. \ No newline at end of file From 9dd3509bff32a2ed149ec344217cf155877967f1 Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 07:12:56 -0500 Subject: [PATCH 13/29] update secure boot info --- blog/posts/secure-boot.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index f593d7a7c..e6d158f1b 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
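Review bot: "fimware" → "firmware" (fixed in the next commit; squash) and "different than" → "different from". The reasoning would read more clearly with the cause first: because the owner can replace the PK, any update key rooted in the PK could be replaced with it, so OEMs root firmware updates in a separate, hardware-protected key instead.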
@@ -77,4 +77,8 @@ The PK acts as the root of trust for the KEK which in turn verifies both the sig The secure firmware update key is typically stored in such a way that it's non-writable and protected by hardware, that way in order to flash new firmware, you always need to verify that the firmware is signed by the OEM. This process is separate from Secure Boot. -The design of UEFI Secure Boot allows for users to delete the keys all the way up to the PK and use their own keys if they want, so that's another reason the secure fimware update key is typically different than the PK. \ No newline at end of file +The design of UEFI Secure Boot allows for users to delete the keys all the way up to the PK (root of trust) and use their own keys if they want, so that's another reason the secure firmware update key is typically different than the PK. + +Deleting the PK typically puts the system into Setup Mode, where you'll need to enroll a new PK. + +The PK allows updates to the KEK and by extension the signature databases so erasing it effectively disables Secure Boot until a new key is added. \ No newline at end of file From 3a7456337d760dbb10d4bdf4218af3a58d7669bb Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 07:29:41 -0500 Subject: [PATCH 14/29] update on microsoft KEK --- blog/posts/secure-boot.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index e6d158f1b..8d5fb3cb3 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
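Review bot: "Deleting the PK typically puts the system into Setup Mode" is not a "typically" in the UEFI specification: the platform is in setup mode exactly when no PK is enrolled, and in setup mode the PK, KEK, db and dbx variables can be written without a signature, which is how the user-supplied keys mentioned in the previous paragraph get enrolled; saying that here makes the "use their own keys" sentence concrete. The last sentence ("The PK allows updates to the KEK and by extension the signature databases") restates the root-of-trust sentence from an earlier hunk; merge the two so the explanation appears once, next to the graph.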
@@ -81,4 +81,8 @@ The design of UEFI Secure Boot allows for users to delete the keys all the way u Deleting the PK typically puts the system into Setup Mode, where you'll need to enroll a new PK. -The PK allows updates to the KEK and by extension the signature databases so erasing it effectively disables Secure Boot until a new key is added. \ No newline at end of file +The PK allows updates to the KEK and by extension the signature databases so erasing it effectively disables Secure Boot until a new key is added. + +Microsoft provides its own PK for OEMs to use if they don't want the responsibilty of managing the keys themselves. They also provide their own KEK via their KEK certificate authority. For Windows, it's required in order to update the database for newer signed images of Windows. + +It also allows booting into non-Microsoft bootloaders like shim, allowing many Linux distributions to support secure boot without any extra configuration. \ No newline at end of file From cb5e780a764f59d7a5dd55eacf542484b189b33e Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 07:37:57 -0500 Subject: [PATCH 15/29] add attack surface info --- blog/posts/secure-boot.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 8d5fb3cb3..ab96b3aa6 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
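Review bot: "Microsoft provides its own PK for OEMs to use" is stated without a source and is the kind of claim readers will want to check; link Microsoft's Secure Boot key management guidance or wherever this comes from, as the rest of the article links its sources. "For Windows, it's required" has an ambiguous "it" (the Microsoft KEK, presumably). "It also allows booting into non-Microsoft bootloaders like shim" attributes this to the KEK, but shim boots because it is signed by Microsoft's third-party UEFI CA, whose certificate sits in db; the KEK only authorizes updates to db and dbx. "responsibilty" → "responsibility"; "secure boot" → "Secure Boot" for consistency with the rest of the article.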
@@ -85,4 +85,10 @@ The PK allows updates to the KEK and by extension the signature databases so era Microsoft provides its own PK for OEMs to use if they don't want the responsibilty of managing the keys themselves. They also provide their own KEK via their KEK certificate authority. For Windows, it's required in order to update the database for newer signed images of Windows. -It also allows booting into non-Microsoft bootloaders like shim, allowing many Linux distributions to support secure boot without any extra configuration. \ No newline at end of file +It also allows booting into non-Microsoft bootloaders like shim, allowing many Linux distributions to support secure boot without any extra configuration. + +#### Attack Surface + +Since the Microsoft KEK CA allows so many different bootloaders to run by default, it allows more attack surface than many users desire. You can use your own machine owner key (MOK) (and delete the default keys) so that only your own bootloader and/or custom kernel module will be allowed to load. Usually this is provided by your distribution. + +Usually, Secure Boot only covers the UEFI firmware, bootloader, and OS kernel, many peripneral devices like drives are left out of the process. This can mean a lot of extra attack surface depending on how many extra devices you have on your system. \ No newline at end of file From b7897638a4723c5b84ddb37f4fe4a701c3a78211 Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 07:40:36 -0500 Subject: [PATCH 16/29] add more attack surface details --- blog/posts/secure-boot.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index ab96b3aa6..02d4091a3 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
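Review bot: The MOK advice conflates two mechanisms: a machine owner key is managed by shim (MokManager) and only governs what shim will load, so it does not help if "the default keys" are deleted from the firmware, because shim itself is signed by Microsoft's third-party CA and would no longer boot. Deleting the default keys means enrolling your own PK, KEK and db entries and signing the bootloader with them, which is a different procedure from enrolling a MOK; the paragraph should describe one or the other. "Usually this is provided by your distribution" is unclear about what "this" refers to. "peripneral" → "peripheral", and "Secure Boot only covers the UEFI firmware, bootloader, and OS kernel, many peripheral devices like drives are left out" needs a conjunction or a full stop. `#### Attack Surface` sits two levels below `## UEFI`; check the heading hierarchy once the later heading fixes in this series land.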
@@ -91,4 +91,4 @@ It also allows booting into non-Microsoft bootloaders like shim, allowing many L Since the Microsoft KEK CA allows so many different bootloaders to run by default, it allows more attack surface than many users desire. You can use your own machine owner key (MOK) (and delete the default keys) so that only your own bootloader and/or custom kernel module will be allowed to load. Usually this is provided by your distribution. -Usually, Secure Boot only covers the UEFI firmware, bootloader, and OS kernel, many peripneral devices like drives are left out of the process. This can mean a lot of extra attack surface depending on how many extra devices you have on your system. \ No newline at end of file +Usually, Secure Boot only covers the UEFI firmware, bootloader, and OS kernel, many peripneral devices like drives are left out of the process. This can mean a lot of extra attack surface depending on how many extra devices you have on your system. It also leaves out a lot of the operating system, so even if the kernel isn't compromised, any part of your OS outside the kernel could be, including any app you've installed. There's room for improvement to make Secure Boot work all the way down to the application level, similar to how it works on mobile operating sytems like Android and iOS, where all running software is required to be signed. \ No newline at end of file From 878002a260aeee041c20efd2eadc37fbd0ae79f3 Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 07:59:01 -0500 Subject: [PATCH 17/29] add measured boot --- blog/posts/secure-boot.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 02d4091a3..334ea085f 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
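Review bot: "operating sytems" → "operating systems". The comparison to Android and iOS mixes two things: verified boot on those platforms covers the system partitions as a whole, while "all running software is required to be signed" is app code signing, a separate policy; saying that those platforms verify the whole OS image rather than only the kernel makes the point the paragraph is after without the overreach. The paragraph now runs to five sentences on two topics (peripheral firmware, then userland outside the kernel); split it.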
@@ -91,4 +91,12 @@ It also allows booting into non-Microsoft bootloaders like shim, allowing many L Since the Microsoft KEK CA allows so many different bootloaders to run by default, it allows more attack surface than many users desire. You can use your own machine owner key (MOK) (and delete the default keys) so that only your own bootloader and/or custom kernel module will be allowed to load. Usually this is provided by your distribution. -Usually, Secure Boot only covers the UEFI firmware, bootloader, and OS kernel, many peripneral devices like drives are left out of the process. This can mean a lot of extra attack surface depending on how many extra devices you have on your system. It also leaves out a lot of the operating system, so even if the kernel isn't compromised, any part of your OS outside the kernel could be, including any app you've installed. There's room for improvement to make Secure Boot work all the way down to the application level, similar to how it works on mobile operating sytems like Android and iOS, where all running software is required to be signed. \ No newline at end of file +Usually, Secure Boot only covers the UEFI firmware, bootloader, and OS kernel, many peripneral devices like drives are left out of the process. This can mean a lot of extra attack surface depending on how many extra devices you have on your system. It also leaves out a lot of the operating system, so even if the kernel isn't compromised, any part of your OS outside the kernel could be, including any app you've installed. There's room for improvement to make Secure Boot work all the way down to the application level, similar to how it works on mobile operating sytems like Android and iOS, where all running software is required to be signed. + +### Measured Boot + +[Measured Boot](https://learn.microsoft.com/en-us/azure/security/fundamentals/measured-boot-host-attestation#measured-boot) take a bit of different approach. 
Instead of ensuring the loaded firmware, bootloader, and kernel are properly signed, it records a hash of each boot component. + +The measurements are hash-chained together by incrementally adding the previously hashed measurements to the next measurement's hash and running the hashing algorithm on the union of the two. + +The hashes are recorded safely in the [TPM](https://learn.microsoft.com/en-us/windows/security/hardware-security/tpm/trusted-platform-module-overview) of the device, and a trusted third party can verify that the hash is correct and hasn't been tampered with. \ No newline at end of file From 71fd9c16316fcffd78dd5ca4d1da3e63082f8885 Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 08:03:01 -0500 Subject: [PATCH 18/29] change measured boot link --- blog/posts/secure-boot.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 334ea085f..b4a670c31 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md @@ -95,7 +95,7 @@ Usually, Secure Boot only covers the UEFI firmware, bootloader, and OS kernel, m ### Measured Boot -[Measured Boot](https://learn.microsoft.com/en-us/azure/security/fundamentals/measured-boot-host-attestation#measured-boot) take a bit of different approach. Instead of ensuring the loaded firmware, bootloader, and kernel are properly signed, it records a hash of each boot component. +[Measured Boot](https://learn.microsoft.com/en-us/windows/compatibility/measured-boot) take a bit of different approach. Instead of ensuring the loaded firmware, bootloader, and kernel are properly signed, it records a hash of each boot component. The measurements are hash-chained together by incrementally adding the previously hashed measurements to the next measurement's hash and running the hashing algorithm on the union of the two. From 7699e0d3da72aa1e0245e5b454a44197bca1ca86 Mon Sep 17 00:00:00 2001 
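Review bot: "take a bit of different approach" → "takes a somewhat different approach". "running the hashing algorithm on the union of the two" should be "concatenation": a TPM PCR extend computes the new value as hash(old PCR || hash(component)), and "union" suggests a set operation. It is worth stating explicitly that Measured Boot does not stop anything from loading; it only records, and the value comes from comparing the PCR values against expected ones afterwards, which is what "a trusted third party can verify" is describing (remote attestation). The first link target is an Azure host-attestation page and the next commit swaps it for the Windows compatibility page; squash that change into this one.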
From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 08:10:20 -0500 Subject: [PATCH 19/29] add trusted boot --- blog/posts/secure-boot.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index b4a670c31..ac67f6f75 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md @@ -99,4 +99,10 @@ Usually, Secure Boot only covers the UEFI firmware, bootloader, and OS kernel, m The measurements are hash-chained together by incrementally adding the previously hashed measurements to the next measurement's hash and running the hashing algorithm on the union of the two. -The hashes are recorded safely in the [TPM](https://learn.microsoft.com/en-us/windows/security/hardware-security/tpm/trusted-platform-module-overview) of the device, and a trusted third party can verify that the hash is correct and hasn't been tampered with. \ No newline at end of file +The hashes are recorded safely in the [TPM](https://learn.microsoft.com/en-us/windows/security/hardware-security/tpm/trusted-platform-module-overview) of the device, and a trusted third party can verify that the hash is correct and hasn't been tampered with. + +### Trusted Boot + +[Trusted Boot](https://learn.microsoft.com/en-us/windows/security/operating-system-security/system-security/trusted-boot#trusted-boot) is a Windows-specific feature and essentially picks up where Secure Boot leaves off. The Windows bootloader verifies the kernel, then the kernel verifies every other part of the startup process including boot drivers, startup files, and early launch anti-malware driver of your anti-malware software. + +Similarly to Secure Boot, if Trusted Boot detects any of these components are tampered with, it refuses to load it. Windows can even repair corrupted components a lot of the time. \ No newline at end of file From 56900bb506a48b61a3d103b3115dc038e081ee67 Mon Sep 17 00:00:00 2001 
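Review bot: "if Trusted Boot detects any of these components are tampered with, it refuses to load it" mixes plural and singular; "if any of these components has been tampered with, it refuses to load that component". "early launch anti-malware driver of your anti-malware software" reads awkwardly; "the Early Launch Anti-Malware (ELAM) driver of your anti-malware product" introduces the abbreviation for reuse. "essentially picks up where Secure Boot leaves off" is a good hook and should be tied back to the Attack Surface section's complaint that Secure Boot stops at the kernel, since that is the gap Trusted Boot fills.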
From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 08:10:35 -0500 Subject: [PATCH 20/29] fix header levels --- blog/posts/secure-boot.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index ac67f6f75..df2f3292b 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md @@ -93,7 +93,7 @@ Since the Microsoft KEK CA allows so many different bootloaders to run by defaul Usually, Secure Boot only covers the UEFI firmware, bootloader, and OS kernel, many peripneral devices like drives are left out of the process. This can mean a lot of extra attack surface depending on how many extra devices you have on your system. It also leaves out a lot of the operating system, so even if the kernel isn't compromised, any part of your OS outside the kernel could be, including any app you've installed. There's room for improvement to make Secure Boot work all the way down to the application level, similar to how it works on mobile operating sytems like Android and iOS, where all running software is required to be signed. -### Measured Boot +## Measured Boot [Measured Boot](https://learn.microsoft.com/en-us/windows/compatibility/measured-boot) take a bit of different approach. Instead of ensuring the loaded firmware, bootloader, and kernel are properly signed, it records a hash of each boot component. 
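Review bot: the context lines of this hunk carry two typos that could be fixed in the same commit since the heading change already touches this region: "peripneral devices" (peripheral) and "mobile operating sytems" (systems), plus the "take a bit of different approach" wording on the line under the new heading. The `+## Measured Boot` promotion itself is fine, but "fix header levels" does not say why; one sentence in the commit message noting that Measured Boot is presented as a different approach from Secure Boot, not a sub-section of UEFI, would explain the new level.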
@@ -101,7 +101,7 @@ The measurements are hash-chained together by incrementally adding the previousl The hashes are recorded safely in the [TPM](https://learn.microsoft.com/en-us/windows/security/hardware-security/tpm/trusted-platform-module-overview) of the device, and a trusted third party can verify that the hash is correct and hasn't been tampered with. -### Trusted Boot +## Trusted Boot [Trusted Boot](https://learn.microsoft.com/en-us/windows/security/operating-system-security/system-security/trusted-boot#trusted-boot) is a Windows-specific feature and essentially picks up where Secure Boot leaves off. The Windows bootloader verifies the kernel, then the kernel verifies every other part of the startup process including boot drivers, startup files, and early launch anti-malware driver of your anti-malware software. From 68886b87dc6fd7a90eea53d348be04f7723835df Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 08:36:31 -0500 Subject: [PATCH 21/29] add verified boot --- blog/posts/secure-boot.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index df2f3292b..106ab35d1 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
@@ -105,4 +105,10 @@ The hashes are recorded safely in the [TPM](https://learn.microsoft.com/en-us/wi [Trusted Boot](https://learn.microsoft.com/en-us/windows/security/operating-system-security/system-security/trusted-boot#trusted-boot) is a Windows-specific feature and essentially picks up where Secure Boot leaves off. The Windows bootloader verifies the kernel, then the kernel verifies every other part of the startup process including boot drivers, startup files, and early launch anti-malware driver of your anti-malware software. -Similarly to Secure Boot, if Trusted Boot detects any of these components are tampered with, it refuses to load it. Windows can even repair corrupted components a lot of the time. \ No newline at end of file +Similarly to Secure Boot, if Trusted Boot detects any of these components are tampered with, it refuses to load it. Windows can even repair corrupted components a lot of the time. + +## Verified Boot + +[Verified Boot](https://source.android.com/docs/security/features/verifiedboot/) is more robust than secure boot and strives to ensure that all executed code that's part of the Android version being used are cryptographically verified. This includes the kernel, the [device tree](https://source.android.com/docs/core/architecture/dto), the system partition, the vendor partition, etc. + +Verified Boot is mainly used by Android and [ChromeOS](https://www.chromium.org/chromium-os/chromiumos-design-docs/verified-boot/), although Apple's version of "[secure boot](https://support.apple.com/guide/security/boot-process-for-iphone-and-ipad-devices-secb3000f149/1/web/1)" is more akin to Verified Boot. \ No newline at end of file From cace33b127a4fd4e5457838ba9cf35eb73e343ed Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Mon, 27 Oct 2025 08:41:41 -0500 Subject: [PATCH 22/29] add link for secure boot --- blog/posts/secure-boot.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
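Review bot: subject-verb agreement in the first added Verified Boot line: "all executed code ... are cryptographically verified" should be "is cryptographically verified". The same sentence writes "secure boot" in lowercase while the article otherwise uses "Secure Boot" for the UEFI feature it is being compared with; capitalize it there (the quoted lowercase "secure boot" for Apple's version reads as deliberate and can stay). The hunk ends with `\ No newline at end of file` again.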
diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 106ab35d1..eeaebcfa7 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md @@ -59,7 +59,7 @@ Some of these improvements include support for drives larger than 2 terabytes, s ### Secure Boot -Along with all of this, UEFI also supports Secure Boot, security feature that allows you to verify the firmware, bootloader, and OS hasn't been tampered with. +Along with all of this, UEFI also supports [Secure Boot](https://learn.microsoft.com/en-us/windows-hardware/manufacture/desktop/windows-secure-boot-key-creation-and-management-guidance?view=windows-11), security feature that allows you to verify the firmware, bootloader, and OS hasn't been tampered with. Secure Boot relies on public key infrastructure (PKI) to validate these components. From 70d002ebdb1c85d52bb615d36065d48b25926974 Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Wed, 29 Oct 2025 06:13:21 -0500 Subject: [PATCH 23/29] add future of secure boot --- blog/posts/secure-boot.md | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index eeaebcfa7..3066ff708 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
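Review bot: the `+` line still lacks an article and has a number mismatch that the `-` line already had: "supports [Secure Boot](...), security feature that allows you to verify the firmware, bootloader, and OS hasn't been tampered with" should be "a security feature that allows you to verify that the firmware, bootloader, and OS haven't been tampered with". The link target is Microsoft's key creation and management guidance for OEMs; for the first definition of Secure Boot a reader would expect a general reference, with the key-management page linked later where the Microsoft KEK is discussed.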
@@ -111,4 +111,20 @@ Similarly to Secure Boot, if Trusted Boot detects any of these components are ta [Verified Boot](https://source.android.com/docs/security/features/verifiedboot/) is more robust than secure boot and strives to ensure that all executed code that's part of the Android version being used are cryptographically verified. This includes the kernel, the [device tree](https://source.android.com/docs/core/architecture/dto), the system partition, the vendor partition, etc. -Verified Boot is mainly used by Android and [ChromeOS](https://www.chromium.org/chromium-os/chromiumos-design-docs/verified-boot/), although Apple's version of "[secure boot](https://support.apple.com/guide/security/boot-process-for-iphone-and-ipad-devices-secb3000f149/1/web/1)" is more akin to Verified Boot. \ No newline at end of file +Verified Boot is mainly used by Android and [ChromeOS](https://www.chromium.org/chromium-os/chromiumos-design-docs/verified-boot/), although Apple's version of "[secure boot](https://support.apple.com/guide/security/boot-process-for-iphone-and-ipad-devices-secb3000f149/1/web/1)" is more akin to Verified Boot. + +## What does the future hold? + +There's been greater adoption of boot authentication technologies like secure boot across desktop and mobile systems which is great to see. + +### Enabled by Default + +However, in my opinion, it hasn't gone far enough. Most motherboard manufacturers still support legacy boot modes that aren't compatible with Secure Boot, and likely because of this and issues with many Linux distros and Secure Boot, it typically comes disabled by default. This means that a significant number of computer owners are running their system without any type of boot authentication, a massive security risk. + +It would be nice to see a greater push toward making Secure Boot more compatible with more operating systems, dropping legacy boot support, and eventually enabling Secure Boot by default in as many systems as possible. 
Of course, still allowing the user to enroll their own keys. + +### Expansion into More Devices + +As it is, boot authentication is mostly limited to regular computers and phones. But we live in 2025, the year of the "smart fridge", so with all the IoT devices in our homes, we need all the security we can get. + +In a rare bit of good news, some manufacturers like Samsung are \ No newline at end of file From 3209065bd0be0ffa9cec2513db2af523cc92b0c9 Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Wed, 29 Oct 2025 06:16:12 -0500 Subject: [PATCH 24/29] add more secure boot future --- blog/posts/secure-boot.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 3066ff708..56b51ea68 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
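Review bot: the claim "Most motherboard manufacturers still support legacy boot modes ... it typically comes disabled by default" is unsourced and broad; either cite a source or scope it (for example to retail motherboards sold without an operating system rather than prebuilt systems), since as written it is stated as a fact about computers in general. "Of course, still allowing the user to enroll their own keys." is a fragment; fold it into the preceding sentence as "... while still allowing the user to enroll their own keys." The hunk also ends mid-sentence ("some manufacturers like Samsung are") with no newline at EOF; finishing the paragraph in the same commit keeps every commit in the series readable on its own.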
@@ -127,4 +127,6 @@ It would be nice to see a greater push toward making Secure Boot more compatible As it is, boot authentication is mostly limited to regular computers and phones. But we live in 2025, the year of the "smart fridge", so with all the IoT devices in our homes, we need all the security we can get. -In a rare bit of good news, some manufacturers like Samsung are \ No newline at end of file +In a rare bit of good news, some manufacturers like Samsung are starting to incorporate the same [security technology](https://news.samsung.com/global/samsung-electronics-becomes-the-company-with-the-largest-number-of-level-diamond-iot-security-rating-verifications-by-ul-solutions-in-the-home-appliances-industry) such as their [Knox](https://www.samsungknox.com/en/secured-by-knox) into their appliances, which includes secure boot. + +To me this marks a turning point from manufacturers of IoT products not caring about security at all to beginning to implement some basic improvements. Now, I stil won't tell anyone to get a smart fridge, but if you do, at least it'll be more secure than before. \ No newline at end of file From 367d18d5d218c00d40217343b0ce748c33f1da50 Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Wed, 29 Oct 2025 06:16:27 -0500 Subject: [PATCH 25/29] typo --- blog/posts/secure-boot.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 56b51ea68..f0f4a1aa7 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
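Review bot: "the same [security technology](...) such as their [Knox](...)" reads oddly because "the same" has no comparison target; "the same security technology as their phones, such as Knox" (if that is the intent) or simply "security technology such as their Knox" fixes it. "which includes secure boot" currently attaches to "appliances"; move it next to Knox so it modifies the technology. "I stil won't" is a typo for "still".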
@@ -129,4 +129,4 @@ As it is, boot authentication is mostly limited to regular computers and phones. In a rare bit of good news, some manufacturers like Samsung are starting to incorporate the same [security technology](https://news.samsung.com/global/samsung-electronics-becomes-the-company-with-the-largest-number-of-level-diamond-iot-security-rating-verifications-by-ul-solutions-in-the-home-appliances-industry) such as their [Knox](https://www.samsungknox.com/en/secured-by-knox) into their appliances, which includes secure boot. -To me this marks a turning point from manufacturers of IoT products not caring about security at all to beginning to implement some basic improvements. Now, I stil won't tell anyone to get a smart fridge, but if you do, at least it'll be more secure than before. \ No newline at end of file +To me this marks a turning point from manufacturers of IoT products not caring about security at all to beginning to implement some basic improvements. Now, I still won't tell anyone to get a smart fridge, but if you do, at least it'll be more secure than before. \ No newline at end of file From 2d1e79089370d1bcfa80365a4aae43f829b01829 Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Wed, 29 Oct 2025 06:27:45 -0500 Subject: [PATCH 26/29] add ul certification --- blog/posts/secure-boot.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index f0f4a1aa7..d8de96899 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
@@ -129,4 +129,14 @@ As it is, boot authentication is mostly limited to regular computers and phones. In a rare bit of good news, some manufacturers like Samsung are starting to incorporate the same [security technology](https://news.samsung.com/global/samsung-electronics-becomes-the-company-with-the-largest-number-of-level-diamond-iot-security-rating-verifications-by-ul-solutions-in-the-home-appliances-industry) such as their [Knox](https://www.samsungknox.com/en/secured-by-knox) into their appliances, which includes secure boot. -To me this marks a turning point from manufacturers of IoT products not caring about security at all to beginning to implement some basic improvements. Now, I still won't tell anyone to get a smart fridge, but if you do, at least it'll be more secure than before. \ No newline at end of file +To me this marks a turning point from manufacturers of IoT products not caring about security at all to beginning to implement some basic improvements. Now, I still won't tell anyone to get a smart fridge, but if you do, at least it'll be more secure than before. + +UL is an organization that does certification for companies and products, and their [IoT security certification](https://www.ul.com/resources/lot-security-rating-levels-guide) seems like a good indicator to go on if you want more secure IoT devices, especially since the description of the Diamond tier seems to suggest it requires some form of secure boot. + +### Secure Boot in Cars + +One of the most complex pieces of electronic equipment and also the most potentially deadly is cars. + +Modern cars typically contain over 100 million lines of code, which is more than a passenger jet. A *lot* more. + +This poses a problem when any component malfunctioning or being hacked could lead to property damage or deaths. Luckily, new \ No newline at end of file From a9876d9d11c591d44b19db244b0bab15e35f3954 Mon Sep 17 00:00:00 2001 
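Review bot: check the UL link before merging: the slug reads `lot-security-rating-levels-guide` (lowercase L) where `iot-` looks intended. "the description of the Diamond tier seems to suggest it requires some form of secure boot" hedges the one claim this paragraph rests on; quote the relevant requirement from the guide or drop "seems". In the cars section, "One of the most complex pieces of electronic equipment and also the most potentially deadly is cars" mixes singular and plural ("is the car"), and "over 100 million lines of code, which is more than a passenger jet" needs a citation. The hunk again ends mid-sentence ("Luckily, new") with no newline at EOF.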
From: fria <138676274+friadev@users.noreply.github.com> Date: Wed, 29 Oct 2025 06:35:29 -0500 Subject: [PATCH 27/29] add automotive seucre boot --- blog/posts/secure-boot.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index d8de96899..e5216dc4b 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md @@ -139,4 +139,6 @@ One of the most complex pieces of electronic equipment and also the most potenti Modern cars typically contain over 100 million lines of code, which is more than a passenger jet. A *lot* more. -This poses a problem when any component malfunctioning or being hacked could lead to property damage or deaths. Luckily, new \ No newline at end of file +This poses a problem when any component malfunctioning or being hacked could lead to property damage or deaths. Luckily, new standards like [ISO/SAE 21434:2021](https://www.iso.org/standard/70918.html) exist to provide guidance on best practices for automotive manufacturers. + +Secure boot and [hardware security modules](https://www.vector.com/int/en/products/products-a-z/embedded-software/microsar-hsm/) for automotives are becoming more common. I think we're going to eventually see similar security to phones on our cars at some point. There does seem to be a genuine push toward more security. \ No newline at end of file From d0be1c8d048f815e12e7d2c6ed4847556b7c4263 Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Wed, 29 Oct 2025 06:35:53 -0500 Subject: [PATCH 28/29] add trailing space --- blog/posts/secure-boot.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index e5216dc4b..08242aa5b 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
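Review bot: "hardware security modules ... for automotives" is not standard usage; "automotive hardware security modules" or "hardware security modules for vehicles". The link on the generic term points at one vendor's product page (Vector MICROSAR HSM); either name the product in the text or link the generic term to a neutral description, since readers will take the link as a definition. "we're going to eventually see ... at some point" says the same thing twice; drop one. The commit subject has "seucre" for "secure".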
@@ -141,4 +141,4 @@ Modern cars typically contain over 100 million lines of code, which is more than This poses a problem when any component malfunctioning or being hacked could lead to property damage or deaths. Luckily, new standards like [ISO/SAE 21434:2021](https://www.iso.org/standard/70918.html) exist to provide guidance on best practices for automotive manufacturers. -Secure boot and [hardware security modules](https://www.vector.com/int/en/products/products-a-z/embedded-software/microsar-hsm/) for automotives are becoming more common. I think we're going to eventually see similar security to phones on our cars at some point. There does seem to be a genuine push toward more security. \ No newline at end of file +Secure boot and [hardware security modules](https://www.vector.com/int/en/products/products-a-z/embedded-software/microsar-hsm/) for automotives are becoming more common. I think we're going to eventually see similar security to phones on our cars at some point. There does seem to be a genuine push toward more security. From 037935b5b07753b93d551eeef1ed6184e7e4af95 Mon Sep 17 00:00:00 2001 From: fria <138676274+friadev@users.noreply.github.com> Date: Thu, 30 Oct 2025 10:06:38 -0500 Subject: [PATCH 29/29] remove option roms --- blog/posts/secure-boot.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/blog/posts/secure-boot.md b/blog/posts/secure-boot.md index 08242aa5b..6f2708470 100644 --- a/blog/posts/secure-boot.md +++ b/blog/posts/secure-boot.md 
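Review bot: the commit subject says "add trailing space" but the only change in the hunk is the removal of the `\ No newline at end of file` marker, i.e. adding the missing newline at end of file; rename it to "add trailing newline" so the history describes the change (a trailing space would not be visible in this diff and is normally something to remove, not add).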
@@ -45,8 +45,6 @@ The [Intel 8080](https://en.wikipedia.org/wiki/Intel_8080) machines it was desig The original BIOS was contained in true Read-Only Memory baked into the motherboard, so it couldn't be changed without replacing the chip it was stored on. Machines back then weren't as madular and upgradeable as many modern PCs, and they mostly didn't have their own onboard firmware like they do now, so the BIOS could handle everything on its own. Any configuration you wanted to do on early BIOS had to be done using physical [DIP switches](https://en.wikipedia.org/wiki/DIP_switch), although later iterations would replace this with an BIOS setup utility controlled with a keyboard, similar to what we have on modern computers. -For devices with onboard firmware, you typically had option ROMs, which were on physical expansion cards you bought and plugged into your motherboard. The BIOS would detect these and run them during the boot process. The BIOS would initialize each device one after another, so it would temporarily hand control over to these option ROMs and rely on them to hand back control when they were done. - As you can imagine, the more devices you had, the more chances for something to go wrong and stop the boot from completing and the longer each boot would take. ## UEFI
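Review bot: deleting the option ROM paragraph orphans the sentence that follows it: "As you can imagine, the more devices you had, the more chances for something to go wrong ... and the longer each boot would take" was the conclusion of the hand-off description now removed, so the reader no longer knows what the BIOS was handing control to or why extra devices made boot fragile. Either keep a one-line mention that the BIOS ran each expansion card's firmware in turn, or rewrite the following sentence to stand alone. The commit message gives no reason for the removal; one sentence would help. The context line also has "madular" for "modular".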