Defeating Rollback Protection Software
In response, system administrators install a specific kind of software called Rollback Protection Software (a list of such programs is available here) which locks the operating system in a certain preferred state and prevent any further change. In other words, after the software is set up and the activation is done whatever change takes place in the system is temporary. Everything will be reverted back to its locked stage after each reboot.
The disadvantage of such software is that they actively protect only when the system is running the operating system on which they were installed.
Figure 1 - Computer is booted from the evil USB stick that contains the modified Linux distribution
However, an attacker can automate this procedure in order to spend roughly 5 seconds.
Continue Reading…