How to Bypass Verified Boot Security in Chromium OS

Verified boot is an interesting feature of Chromium OS that supposedly can detect any modification of the root file system (rootfs) by a dedicated adversary. However, by exploiting a design flaw in verified boot, the authors show that an adversary can replace the original rootfs with a malicious rootfs containing exploits such as spyware or a key-logger and still pass the verified boot process. The exploit is based on the fact that a dedicated adversary can replace both the rootfs and the corresponding verification information in the bootloader.

Provided by: University at Albany
Topic: Security
Date Added: Jun 2012
Format: PDF
