| ▲ | madduci 9 hours ago |
| But why? |
|
| ▲ | monax 9 hours ago | parent | next [-] |
| It's just a silly experiment; the real endgame is to make a bootloader that is customisable using HTML/CSS/JS |
| |
| ▲ | magicalhippo 9 hours ago | parent [-] | | Since PDFs can contain JS, presumably that should be the preferred way of modifying your boot loader. | | |
| ▲ | monax 9 hours ago | parent [-] | | Yeah that's the natural next step, I'll work on that next |
|
|
|
| ▲ | ThrowawayTestr 8 hours ago | parent | prev [-] |
| Why not? |
| |
| ▲ | madduci 8 hours ago | parent [-] | | Because this can end very badly. It is a new surface to attack | | |
| ▲ | M95D 8 hours ago | parent | next [-] | | Exactly! It's actually great! More ways to jailbreak stuff. | |
| ▲ | eqvinox 8 hours ago | parent | prev | next [-] | | Why is it a new surface? Either you can run UEFI code, or you can't. Attacking the JS interpreter itself is unrealistic IMHO, it's the poorly written JavaScript running on top of this that might open new surfaces of attack. But other UEFI code is mostly written in C or C++, so let's call that a wash? | |
| ▲ | yjftsjthsd-h 8 hours ago | parent | prev [-] | | Maybe? What's your threat model? |
|
|
