- cross-posted to:
- hackernews
- cross-posted to:
- hackernews
“Whether a proof of concept or not, Bootkitty marks an interesting move forward in the UEFI threat landscape, breaking the belief about modern UEFI bootkits being Windows-exclusive threats,” ESET researchers wrote. “Even though the current version from VirusTotal does not, at the moment, represent a real threat to the majority of Linux systems, it emphasizes the necessity of being prepared for potential future threats.”
They are stored behind luks and I think they are readable only by root. But bootkit can probably only infect UEFI from Linux that is running on that machine. And to interact to UEFI you probably have to be root, right?
I’ll look into more options, either store keys on a seperate luks usb key or on a hardware securety key like Nitrokey. For
sbctl
there is already a roadmap feature for hardware security keys, I hope this comes soon :)