Archive for the ‘security’ Category

TPM2 and Linux

http://blog.hansenpartnership.com/tpm2-and-linux/

http://twobit.us/2016/05/tpm2-uefi-measurements-and-event-log/

https://firmware.intel.com/sites/default/files/resources/A_Tour_Beyond_BIOS_Implementing_TPM2_Support_in_EDKII.pdf

https://github.com/01org/tpm2.0-tools/wiki/How-to-use-tpm2-tools

https://communities.intel.com/thread/76492 (Intel NUC + TPM2 + Linux)

http://www.slideshare.net/k33a/trusted-platform-module-tpm

http://www.slideshare.net/OWASP_Poland/wroclaw-3-trusted-computing

Back to school: Learning security in Linux: old and new stuff

Linux Security: Securing and Hardening Linux Production Systems

http://www.puschitz.com/SecuringLinux.shtml

And Ubuntu has a matrix to show its security features:

https://wiki.ubuntu.com/Security/Features

Seccomp and Sandboxing:

http://lwn.net/Articles/332974/
https://www.kernel.org/doc/Documentation/prctl/seccomp_filter.txt

“What the Chrome developers would like is a more flexible way of specifying which system calls can be run directly by code inside the sandbox. One suggestion that came out was to add a new “mode” to seccomp. The API was designed with the idea that different applications might have different security requirements; it includes a “mode” value which specifies the restrictions that should be put in place. Only the original mode has ever been implemented, but others can certainly be added. Creating a new mode which allowed the initiating process to specify which system calls would be allowed would make the facility more useful for situations like the Chrome sandbox.”

Bypassing modules_disabled functionality (disabling kernel module loading):

http://turbochaos.blogspot.sg/2013/10/writing-linux-rootkits-301_31.html
