On 2016/01/12 12:48 , Wilfried Woeber wrote:
While thinking about options or mechanisms to make virtual probes "tamper-proof" I had this question coming up:
Is the probe software capable to "verify" (check-sum or digital sig) the bootstrap kit and then, during run-time, verify that the code in memory is still genuine?
Hi Wilfried, If you do that naively, .i.e. by calling a function called verify_digital_sig or something and with binaries that have symbol tables, then that call is very easy to patch out. Beyond that, it becomes and arms race. You can try to scramble binaries and some people see it as a challenge to break that. The only way to do secure boot is to lock the owner of a computer out of the booting process. And then we are back to locked hardware. Philip