Lets
discuss about live
booting/ Live
CD. Live
cd is a Cd/
Dvd
or any other portable media containing bootable
Operating
system. These media have the unique ability to run operating
system without altering the files and operating
system installed on the hard disk of the pc.
It generally places it files in the Ram [random access memory ,volatile memory], so when a pc is rebooted all it files are deleted automatically. Now a Days we all know that Bypassing operating system security is not a big deal But big deal is to secure it, One common thing that you can go with, is to apply a BIOS/ Boot password on your system. So, That no one can bypass your Windows Security through live Booting.
It generally places it files in the Ram [random access memory ,volatile memory], so when a pc is rebooted all it files are deleted automatically. Now a Days we all know that Bypassing operating system security is not a big deal But big deal is to secure it, One common thing that you can go with, is to apply a BIOS/ Boot password on your system. So, That no one can bypass your Windows Security through live Booting.
In
January 2012, Microsoft confirmed to PC manufacturers that they must
enable Secure
Boot by default on PCs to be “Certified for Windows 8”, The
purpose of Secure
Boot is to put an end to computer
viruses that sneak between the hardware and the operating
system. These viruses, also known as bootkits,
work by getting themselves loaded before the operating
system, then they make changes to the operating
system while it lies defenseless
on disk, and then they load the now defenseless
operating
system and have their way with it. Secure
Boot counters the bootkit
by ensuring the hardware verifies the identity and authenticity of
the software that sits between the hardware and the operating
system - the bootloader,
and also the software
embedded in hardware
devices like network
and graphics adapters.
Secure
Boot
sounds like a smart solution
to the bootkit
problem doesn’t it? Who wouldn’t want a secure boot?
Proponents of alternative operating
system don’t want Secure Boot;
not in its current form anyway. Since Microsoft’s pronouncement,
anger has been widespread within Linux
communities
that Secure Boot
on PCs Certified for Windows 8 will lock out alternative operating
systems, e.g. all Linux
distributions. The problem boils down to the way Microsoft and PC
manufacturers will implement Secure
Boot,
and how difficult it will be for many, if not all, alternative
operating
systems to follow suit. Microsoft's stance has been "not our
problem", and in the everyone for themselves sense, they're
right.
Will
Secure
Boot’s implementation also mean that bootable
removable media (rescue
disks, Live
CDs, Live
USBs, Live
OSs) will also no longer boot?
LiveCDs
and Live
USBs provide an “out-of-band” security and management
capability that is as relevant to Secure
Boot
systems as their predecessors.
The
practice of cleaning an infected device from an independent,
external, known clean device is recommended by government
cybersecurity
departments (United States Computer Emergency Readiness Team,
Canada's Cyber
Incident Response Centre, Australian Government's cybersecurity
website) and computer
security leaders (Krebs, Viega, Rubenking) around the world.
A
Live
OS running several anti-virus scanners is effective at detecting
and removing rootkits and bootkits,
as well as other types of malware that are not going to be slowed
down by Secure
Boot. Indeed, with a Live
OS, it’s the bootkit
that lies defenseless
on disk while the Live
OS
has its way with it.
Based
on what’s knowable of the Secure Boot
implementation on PCs to be Certified
for Windows 8 (these don't exist yet for confirming anyone's
understanding), external devices containing a Live
OS are not going to boot via UEFI’s Secure
Boot process. There won’t be a certificate
for the Live
OS's bootloader
in the Secure
Boot table of bootloader
certificates.
Is
Secure
Boot in exchange for no more Live
OS a smart security
tradeoff?
Enter the Windows 8 Windows Recovery Environment (RE). In a recent “Building Windows 8" blog post, Microsoft program manager Chris Clark details the new capabilities in Windows 8 RE. One of the new capabilities enables the end-user, with the click of the mouse, to tell the Windows bootloader to boot an external device.
Enter the Windows 8 Windows Recovery Environment (RE). In a recent “Building Windows 8" blog post, Microsoft program manager Chris Clark details the new capabilities in Windows 8 RE. One of the new capabilities enables the end-user, with the click of the mouse, to tell the Windows bootloader to boot an external device.
This
feature of Windows RE will make booting a Live
OS on an external device easier than it's ever been for
end-users. End-users will no longer have to hit a manufacturer
specific function key in less than ~2 seconds on startup in order to
access and then modify their BIOS\ UEFI settings.
This
is a great development for Live
OS on external bootable
media, and great news for Linux
distributions looking to lower the barrier to entry and capture
new users, e.g. Ubuntu's Live
OS will now be bootable
without requiring the user to fiddle with their computer's BIOS\UEFI,
which is at least as difficult as fiddling with the SecureBoot
on/off setting will be.
The
question remaining is - will this new and easy way to boot
an external device mean more users than ever will try an alternative
operating
system on PCs that are otherwise locked to Windows 8?
No comments:
Post a Comment