Worried about bootkits, rootkits, UEFI nasties? Have you tried turning on Secure Boot, asks the No Sh*! Agency

The NSA has published online a guide for IT admins to keep systems free of bootkits and rootkits.


The American surveillance super-agency's 39-page explainer [PDF] covers UEFI security and, in particular, how folks can master Secure Boot and avoid switching it off for compatibility reasons.


A bootkit is a piece of software that runs before the OS starts up and tampers with it to ensure it runs some kind of malicious code later. Said code could be a rootkit that ensures another piece of the puzzle – spyware or ransomware, say – is deployed and executed with sysadmin-level powers. Secure Boot is a mechanism that uses cryptography to ensure you're booting an operating system that hasn't been secretly meddled with; any addition of a bootkit or rootkit should be caug ..
