Skip to Content
Taming the Hacking Storm
book

Taming the Hacking Storm

by Roger A. Grimes
April 2025
Intermediate to advanced
336 pages
9h 37m
English
Wiley
Content preview from Taming the Hacking Storm

Chapter 9 Trusted OSs and Apps

A high-trust Internet ecosystem must have trusted devices that are far less likely to be critically compromised and include trusted operating systems and applications. This chapter covers OS secure booting, trusted operating systems, trusted applications, and trusted actions.

OS Secure Boot

Every computing device has a “boot” process, where the hardware is initialized and the OS is loaded in pieces, starting with the critical core sections followed by the “upper layer” OS code and applications. Figure 9-1 below summarizes the common logical boot process around most computing devices and OSs today (it could vary based on the device).

Flowchart of logical boot process with two parallel columns, each having 5 stages, starts from Hardware Boots and ends with First Volume.

Figure 9-1: Logical boot process.

The more secure and reliable devices and OS have protection and integrity checks along the entire boot process. We covered hardware and firmware booting and safety checks in the previous chapter.

After the hardware and firmware is checked and verified, operations are handed off to the OS. The best OSs have their own checks and verification, starting from the booting of the operating system and beyond. These days most OS boot code has some sort of integrity check that is securely stored and protected by the BIOS/UEFI (or other chip will be covered soon). After the OS boots, the early critical drivers and services/daemons of the OS will load, and all will be integrity checked along ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

AirBnbBlueOriginElectronic ArtsHomeDepotNasdaqRakutenTata Consultancy Services

QuotationMarkO’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
Julian F.
Head of Cybersecurity
QuotationMarkI wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
Addison B.
Field Engineer
QuotationMarkI’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
Amir M.
Data Platform Tech Lead
QuotationMarkI'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Mark W.
Embedded Software Engineer

You might also like

Hacking Cryptography

Hacking Cryptography

Kamran Khan, Bill Cox
Offensive Security Using Python

Offensive Security Using Python

Rejah Rehim, Manindar Mohan
Learning Ransomware Response & Recovery

Learning Ransomware Response & Recovery

W. Curtis Preston, Michael Saylor
Ethical Hacking

Ethical Hacking

Daniel G. Graham

Publisher Resources

ISBN: 9781394349586Purchase Link