Comment Re:The rootkit would just infect the kernel (Score 5, Interesting)
the bootloader can be configured to load a Linux kernel that chain-loads a compromised Windows kernel
That strikes me as an odd proposition.... The Windows kernel has a lot of requirements out of its bootloader.
While that may be true, GRUB has been booting Microsoft Windows for years now. It may have a lot of requirements, but obviously those requirements have been met.
What you might have forgotten is that boot loaders can simply call other boot loaders. It's called chaining, and it is exactly how GRUB boots Microsoft Windows. You boot to GRUB, which might configure a thing or two (like hide Linux partitions), and then it boots NTLDR (or whatever the latest Microsoft loader is) and the Microsoft boot loader then satisfies all those requirements for the Microsoft Windows operating system.
It's absolutely possible, of course, but the sheer amount of hackery that is required to make it work is just mind boggling... at least to me. Can you link anything that explains your concept?
I won't link, but consider a mail forwarding service. They receive a letter, they might move it internally through a few mail boxes, and then eventually ship it out to you at your new address. What they don't know is that the new address could also be a mail forwarding service. Chaining two mail forwarding services together will still get the mail to the final destination address.
The above example pertains to boot loaders, except that you have the first boot loader set the environment to "boot something" which happens to not be an operating system (actually boot loaders cannot differentiate between an OS and a boot loader, because at that level, there are just programs). Without the motherboard configured to only boot signed boot loaders, any number of intermediate boot loaders could be inserted which could then hijack the booting process, perhaps even to the point where they boot a pre-infected (by some means) operating system.
Hopefully this clears things up a bit. I know that boot loaders are only somewhat understood, even by those who use Linux quite a bit. I don't even pretend to be an expert, but it is clear to me that if you want to assure that a certain operating system is booted as it was delivered by the distributor, you need to control the entire boot process from power on to the kernel launch.
Linux's security model protects itself well post-kernel launch, but even Linux could be subverted by sloppy controls over the booting process.
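The chained boot the comment describes, as an added example that is not part of the original thread: a toy Python model in which each stage is just a program that hands off to the next, and the running stage either checks the next program's signature before handing off (the "only boot signed boot loaders" case) or does not. The stage names, the sample chains and the HMAC used as a stand-in for the asymmetric signatures real firmware checks are all constructed for the example.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed stand-in for the firmware's trusted key. Real Secure Boot checks
# asymmetric signatures against the firmware's key database; an HMAC keeps this
# model dependency-free while preserving the "signed or unsigned" decision.
PLATFORM_KEY = b"constructed-platform-key"

@dataclass
class Stage:
    name: str
    image: bytes                # the program's bytes (constructed sample)
    signature: Optional[bytes]  # signature over image, None if unsigned

def sign(image: bytes) -> bytes:
    return hmac.new(PLATFORM_KEY, image, hashlib.sha256).digest()

def make_stage(name: str, signed: bool = True) -> Stage:
    image = f"{name} code".encode()
    return Stage(name, image, sign(image) if signed else None)

def verify(stage: Stage) -> bool:
    return stage.signature is not None and hmac.compare_digest(
        stage.signature, sign(stage.image))

def boot(chain: List[Stage], enforce: bool) -> Tuple[List[str], Optional[str]]:
    """Walk the chain firmware -> loader -> loader -> OS. A loader and an OS look
    the same to the stage handing off. With `enforce`, the running stage refuses
    to hand off to an unsigned next stage. Returns (stages run, name of the
    stage refused or None)."""
    ran: List[str] = []
    for stage in chain:
        if enforce and not verify(stage):
            return ran, stage.name
        ran.append(stage.name)
    return ran, None

def legit_chain() -> List[Stage]:
    return [make_stage("GRUB"), make_stage("Windows boot loader"),
            make_stage("Windows kernel")]

def hijacked_chain() -> List[Stage]:
    # An unsigned intermediate loader is inserted after GRUB and the chain ends
    # at an unsigned, pre-infected kernel instead of the distributor's.
    return [make_stage("GRUB"), make_stage("inserted loader", signed=False),
            make_stage("Windows boot loader"),
            make_stage("pre-infected Windows kernel", signed=False)]
```

Calling `boot(hijacked_chain(), False)` runs every stage through to the pre-infected kernel, while `boot(hijacked_chain(), True)` stops at the inserted loader.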