do you mean it cant be circumvented from the perspective of syslinux or TPM?
Sadly firmware exploits are rampant. Core Security has good research on this as
phrack...
SMM can be gotten to by far too much. Tho if you are targeted by that skill
level then going to ic3 might be good idea.
-------- Original message --------
From: Ian Bannerman <ian at internals.io>
Date:04/29/2014 2:43 PM (GMT-05:00)
To: Gene Cumm <gene.cumm at gmail.com>,"Taylor Jr, Matthew [U.S.
Computer Corp]" <matthew.taylor at chevron.com>
Cc: syslinux at zytor.com
Subject: Re: [syslinux] SYSLINUX PXE LOCALBOOT Bitlockers
Any deviation from the expected boot process will prevent BitLocker from
accessing the volume key in the TPM. One reason this behavior exists is to
prevent malicious code from being loaded (such as via booting first to CD / USB
/ PXE, loading malware, and then continuing to boot to Windows). So what's
happening here is the deviation from firmware -> PXE -> HDD is detected
and the volume key is not released.
There is no circumventing this behavior.
--Ian
> Date: Mon, 28 Apr 2014 16:35:41 -0400
> From: gene.cumm at gmail.com
> To: Matthew.Taylor at chevron.com
> CC: syslinux at zytor.com
> Subject: Re: [syslinux] SYSLINUX PXE LOCALBOOT Bitlockers
>
> On Mon, Apr 28, 2014 at 4:06 PM, Taylor Jr, Matthew [U.S. Computer
> Corp] <Matthew.Taylor at chevron.com> wrote:
> > Label is OS and I believe there are all booting MBR. Is there a way to
clear the memory then continue loading ? or rebooting the machine from the menu.
>
> No, the entire LABEL stanza including its LOCALBOOT/COM32/KERNEL and
> APPEND lines as applicable.
>
> --
> -Gene
>
> A: Because it messes up the order in which people normally read text,
> especially the archives of mailing lists.
> Q: Why is Top-posting such a bad thing?
>
>
> > -----Original Message-----
> > From: Gene Cumm [mailto:gene.cumm at gmail.com]
> > Sent: Monday, April 28, 2014 1:04 PM
> > To: Taylor Jr, Matthew [U.S. Computer Corp]
> > Cc: syslinux at zytor.com
> > Subject: Re: [syslinux] SYSLINUX PXE LOCALBOOT Bitlockers
> >
> > On Mon, Apr 28, 2014 at 3:37 PM, Taylor Jr, Matthew [U.S. Computer
> > Corp] <Matthew.Taylor at chevron.com> wrote:
> >> Hello;
> >>
> >> I use Bitlocker on my machines and I notice that when I am in my
PXE Menu and I select "Boot to Local Hard Drive" it continues on then
bitlockers. I am assuming that the syslinux is still in memory, bitlocker is
being triggered because of the change. I need a solution to overcome this. I
cannot remove bitlocker from the machines.
> >
> > What does your LABEL look like?? Are you booting the MBR or VBR?
> >
> > --
> > -Gene
>
> _______________________________________________
> Syslinux mailing list
> Submissions to Syslinux at zytor.com
> Unsubscribe or set options at:
> http://www.zytor.com/mailman/listinfo/syslinux
?? ?
_______________________________________________
Syslinux mailing list
Submissions to Syslinux at zytor.com
Unsubscribe or set options at:
http://www.zytor.com/mailman/listinfo/syslinux