From what I read in the article, there is still one part of the boot sequence that does require some sort of storage: the part where the bootloader fetches the network boot image and verifies it against the checksum signature. But I think that can be performed by booting from a pendrive and then removing it. The problem will come if law enforcement gets a hold of said pendrive…
Why would that be a problem? A boot image should only contain the commands to get the main system started after POST. It shouldn’t contain any kind of logs, traffic data, or user data. In fact it should be read-only.
Destroy the drive. That’s what Apple does and how they get around the whole “we need a backdoor” problem. When no one can access the server, no more problems.
Something tells me that they have a stack of single-use drives so that each time a server needs to reboot for some reason, they write a boot loader in one from their central headquarters, walk back to the server room, use the device to boot the server, and finally hammer the everliving bejeezus out of the thumb drive juuuuust in case. Hopefully they don’t have to reboot that often!
From what I read in the article, there is still one part of the boot sequence that does require some sort of storage: the part where the bootloader fetches the network boot image and verifies it against the checksum signature. But I think that can be performed by booting from a pendrive and then removing it. The problem will come if law enforcement gets a hold of said pendrive…
Why would that be a problem? A boot image should only contain the commands to get the main system started after POST. It shouldn’t contain any kind of logs, traffic data, or user data. In fact it should be read-only.
Boot Drive could be immutable and not contain any form of log?
Destroy the drive. That’s what Apple does and how they get around the whole “we need a backdoor” problem. When no one can access the server, no more problems.
Something tells me that they have a stack of single-use drives so that each time a server needs to reboot for some reason, they write a boot loader in one from their central headquarters, walk back to the server room, use the device to boot the server, and finally hammer the everliving bejeezus out of the thumb drive juuuuust in case. Hopefully they don’t have to reboot that often!
What tells you that?
something
PXE boot will TFTP the boot image into RAM and carry on from there. You shouldn’t need any storage on your device.