dual boot test

Chris Murphy lists at colorremedies.com
Sat Dec 28 00:36:50 UTC 2013


On Dec 27, 2013, at 5:30 PM, Chris Murphy <lists at colorremedies.com> wrote:

> 
> On Dec 27, 2013, at 4:40 PM, bruce <badouglas at gmail.com> wrote:
> 
>> Hi Chris.
>> 
>> Thanks fo.r the reply
>> .
>> The principle reason for doing/testing dual boot is to have the
>> ability to be able to do a remote reinstall for a fresh OS on a remote
>> box. If you know of a way to accomplish that, I'm more than willing to
>> hear it!!
> 
> USB key imaged with netinstl ISO is has a way to confirm it hasn't been altered, and a VNC and kickstart capability for unattended installation over a network.

So actually, if I have compromised a system with that USB stick pre-inserted, I can create a custom kernel that causes hacked install image on that media to pass checksum. The apparently valid checksum would seem to imply the key hasn't been hacked. But since it has been, my hacked kernel can install a rootkit or other such malware in the course of you reinstalling the system. So I think this is invalid short of it leveraging UEFI Secure Boot.

Chris Murphy



More information about the users mailing list