I remember growing up with that same old adage of how you could be the next scientist to invent a cure for cancer, or a solution to climate change, or whatever. What they don't tell you is that we already have solutions for a lot of problems, we just don't use them. Sometimes this is because the solution is too expensive, but usually it's because competing interests create a tragedy of the commons. Most problems in the modern age aren't complicated engineering problems, they're the same problem: coordination failure.

It was recently unveiled that nearly every UEFI SecureBoot implementation in circulation can be bypassed with a malicious image file. This means that any manufacturer that allows the user to customize the boot image is now vulnerable to a complete bypass of SecureBoot and Intel Boot Guard: the logo is parsed by firmware that has already passed signature verification, so a crafted file gets code execution inside the trusted boot path without breaking any signature. Luckily, the fix for this is pretty simple: don't make the logo customizable.

But how did something this absurd happen in the first place? The researchers who found it, Binarly, put it bluntly: "The results from our fuzzing and subsequent bug triaging unequivocally say that none of these image parsers were ever tested by IBVs or OEMs. We can confidently say this because we found crashes in almost every parser we tested. Moreover, the fuzzer was able to find the first crashes after running just for a few seconds and, even worse, certain parsers were crashing on valid images found on the Internet."

It's pretty obvious what happened, actually. The image parsers were written with the assumption they'd only ever need to load an image file provided by the manufacturer, so header fields like dimensions, offsets and sizes were believed rather than checked against the buffer actually handed to the parser. When this assumption was violated, all hell broke loose, because we don't test software anymore. None of this happened because engineering is hard. None of this happened because of some tricky, subtle bug. It happened because the people writing the image parsers made an incredibly stupid mistake and then didn't bother testing it, because the software industry doesn't bother with QA anymore.

Every layer of this problem is a different flavor of coordination failure. There was just one slice of cheese with a gaping hole in it, because it turns out that some manufacturers decided to let users customize their boot image, thinking it would be harmless, and that by itself was enough to wreak havoc. Either no one on the team who implemented this thought that there might need to be a warning about untrusted images, or whoever did bring it up was ignored because it was supposed to be handled by another team. Except whoever was supposed to put in a warning about this either wasn't told, or buried it inside a technical document nobody ever reads.
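To make the "believed rather than checked" failure concrete, here is an added example that is not part of the original post and not code from any IBV or OEM firmware. It is a hypothetical planner for the first step of a BMP decoder: reading the header and deciding where the pixel data starts and how many bytes to copy. The trusting version does what a parser written for OEM-supplied logos does; the hardened version treats the file as attacker-controlled. The sample images, the 4096-pixel dimension limit and all function names are constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Verdicts returned by the hardened planner. */
enum { BMP_OK = 0, BMP_ERR_SHORT = -1, BMP_ERR_MAGIC = -2, BMP_ERR_DIMS = -3,
       BMP_ERR_OVERFLOW = -4, BMP_ERR_OFFSET = -5, BMP_ERR_TRUNCATED = -6 };

/* Boot logos are small; anything wider or taller than this is rejected
 * outright (constructed limit for this example). */
#define MAX_DIM 4096u
#define BMP_HDR_LEN 54u   /* 14-byte file header + 40-byte BITMAPINFOHEADER */

/* BMP fields are little-endian on disk. */
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static void wr32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }

/* The parser written for manufacturer-supplied logos: read the header and
 * believe it.  No check that the pixel offset or the pixel count fits the
 * buffer, and the count is computed in 32-bit arithmetic, so it wraps. */
void bmp_plan_trusting(const uint8_t *buf, size_t *pix_off, size_t *pix_bytes) {
    uint32_t off = rd32(buf + 10);
    uint32_t w = rd32(buf + 18);
    uint32_t h = rd32(buf + 22);
    uint32_t bpp = rd16(buf + 28);
    uint32_t count = w * h * (bpp / 8);   /* 32-bit multiply, silently wraps; ignores row padding */
    *pix_off = off;                        /* later code would memcpy from buf + off */
    *pix_bytes = count;
}

/* Same job, written on the assumption that the file is attacker-controlled. */
int bmp_plan_hardened(const uint8_t *buf, size_t len, size_t *pix_off, size_t *pix_bytes) {
    if (len < BMP_HDR_LEN) return BMP_ERR_SHORT;
    if (buf[0] != 'B' || buf[1] != 'M') return BMP_ERR_MAGIC;
    uint32_t off = rd32(buf + 10);
    int32_t w = (int32_t)rd32(buf + 18);
    int32_t h = (int32_t)rd32(buf + 22);   /* negative height means top-down rows */
    uint32_t bpp = rd16(buf + 28);
    if (w <= 0 || (uint32_t)w > MAX_DIM) return BMP_ERR_DIMS;
    if (h == 0 || h == INT32_MIN) return BMP_ERR_DIMS;
    uint32_t ah = (uint32_t)(h < 0 ? -h : h);
    if (ah > MAX_DIM) return BMP_ERR_DIMS;
    if (bpp != 24 && bpp != 32) return BMP_ERR_DIMS;
    /* Rows are padded to 4 bytes; do the size arithmetic in 64 bits so it cannot wrap. */
    uint64_t stride = (((uint64_t)w * bpp + 31) / 32) * 4;
    uint64_t need = stride * ah;
    if (need > 0xFFFFFFFFull) return BMP_ERR_OVERFLOW;
    if (off < BMP_HDR_LEN || off > len) return BMP_ERR_OFFSET;   /* pixel data must start inside the file */
    if (need > len - off) return BMP_ERR_TRUNCATED;              /* and fit entirely within it */
    *pix_off = off;
    *pix_bytes = (size_t)need;
    return BMP_OK;
}

/* Constructed sample builder: writes a BMP header into a zeroed buffer of `total` bytes. */
void make_bmp(uint8_t *buf, size_t total, uint32_t w, uint32_t h, uint16_t bpp, uint32_t pix_off) {
    memset(buf, 0, total);
    buf[0] = 'B'; buf[1] = 'M';
    wr32(buf + 2, (uint32_t)total);
    wr32(buf + 10, pix_off);
    wr32(buf + 14, 40);          /* BITMAPINFOHEADER size */
    wr32(buf + 18, w);
    wr32(buf + 22, h);
    wr16(buf + 26, 1);           /* colour planes */
    wr16(buf + 28, bpp);
}

int main(void) {
    uint8_t img[70];             /* 54-byte header + 2 rows of 8 bytes */
    size_t off, n;
    make_bmp(img, sizeof img, 2, 2, 24, 54);                /* benign 2x2 logo */
    printf("benign:    hardened=%d\n", bmp_plan_hardened(img, sizeof img, &off, &n));
    make_bmp(img, sizeof img, 2, 2, 24, 0x10000);           /* pixel offset far past end of file */
    bmp_plan_trusting(img, &off, &n);
    printf("bad offset: trusting would read at %zu of a %zu-byte file, hardened=%d\n",
           off, sizeof img, bmp_plan_hardened(img, sizeof img, &off, &n));
    make_bmp(img, sizeof img, 0x10000, 0x10000, 24, 54);    /* w*h wraps to zero in 32 bits */
    bmp_plan_trusting(img, &off, &n);
    printf("huge dims:  trusting plans %zu pixel bytes, hardened=%d\n",
           n, bmp_plan_hardened(img, sizeof img, &off, &n));
    return 0;
}
```

The two malicious headers are the shapes a fuzzer finds within seconds: an offset that points outside the buffer gives an out-of-bounds read on the first memcpy, and dimensions whose product wraps to zero give a zero-length allocation that the row loop then writes past. Neither requires anything subtle; both are caught by comparing the header's claims against the length of the buffer the parser was actually given.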