I also did gave a presentation on this topic at Navaja Negra Conference 2015 in Spain (http://n0wblog.blogspot.com.es/2015/10/insecure-booting-linux-english.html).
What I did is similar to what EvilAbigail does but my work is less automated (and more painful but illustrative at the same time :p).
It turns out that is ridiculously easy to mess with initrd and run code to capture LUKS credentials or dropping a shell.
What i do wonder is, what happens if you have grub full disk encryption (including /boot) and SecureBoot enabled? Are you still vulnerable to initrd tampering?
Re: The current state of boot security
What I did is similar to what EvilAbigail does but my work is less automated (and more painful but illustrative at the same time :p).
It turns out that is ridiculously easy to mess with initrd and run code to capture LUKS credentials or dropping a shell.
What i do wonder is, what happens if you have grub full disk encryption (including /boot) and SecureBoot enabled? Are you still vulnerable to initrd tampering?
Regards,
Angel Suarez-B. (n0w)