BIOS RoT is not about a piece of rotting code. It’s about trust.
RoT or Root of Trust is based on the idea that you trust something that is part of something else that is already trusted.
An example of this would be an infant girl having absolute trust in her parents and what they feed her. Food provided by her parents is always trusted. However, a stranger would not be trusted as readily and would require more scrutiny.
Her age can be considered her level. As she ages, she develops a chain of trust. For example, her level as a newborn would be at the infant level. At that level, she only trusts what her parents feed her.
When she levels-up to a child and begins school, certain foods would be known to her by taste, smell and texture. She could trust foods by their names and with what’s consistent with what she knows. Food that tastes bad or has the wrong texture would be spit out. This, in RoT, can be called measuring. If what is measured is not correct, it isn’t trusted and therefore wouldn’t be consumed.
She may even find others she is comfortable with and begin to trust. Some of them trust her too. They can share food.
When she becomes a teenager and has a little pocket money, she can go out to eat with her friends. Most times, they eat at places they’ve already been to with their parents. This time, they want to try something else. They pick a place that has an excellent health score and five-star reviews on social media. The health score and reviews can act like certificate authorities, providing them ways to trust with a reasonable certainty that they will have an enjoyable experience.
When she becomes an adult, she will have a full set of trusted sources and can expand her horizons.
This is essentially how RoT works. It’s a series that begins with something that can be trusted to be un-compromised. Then, going to the next thing, measuring it to make sure it has not been altered, and so on. Things that are trusted get passed on as being trusted. Things that are not trusted, require more scrutiny.
In the UEFI BIOS, there are things that typically are never trusted. They are other ROM files or Option ROMs and boot-loaders.
There’s a lot more to this, but we hope this gives you an idea as to what happens when you power on your system. Your BIOS has trust issues and it’s a good thing.
What are your thoughts on this subject? Comment below or let us know via our social media channels.