On Thu, May 30, 2019 at 11:07 AM CLOSE Dave
<Dave.Close(a)us.thalesgroup.com> wrote:
Chris Murphy wrote:
> Not sure what would corrupt it but there is competition for LBA 0,
> the MBR, in that there's a bootloader portion in the first ~440 bytes
> and then a partition table from that point until the 512th byte. So
> whenever something changes a partition or a boot flag (active bit)
> or bootloader jump code, there's a risk. This was such a well known
> problem it directly affected GPT. For one, don't use LBA 0. Two,
> make two copies in two totally different locations. Three, checksum
> everything. Four, give the bootloader its own home, no sharing.
Interesting advice but it leaves me without a course of action. How does
one avoid using LBA 0? Doesn't the boot loader already have its own
location?
It has multiple locations. One of which is the first 440 bytes of LBA 0.
We'd need to look at LBA 0 on a broken system to do an autopsy. Once
it's fixed, the evidence of what stepped on it is wiped away.
--
Chris Murphy