| |||||||||||||||||||
Re: Trusted Boot in Fedora
On Tue, 2011-06-28 at 10:01 -0400, Adam Jackson wrote: > On Tue, 2011-06-28 at 09:59 +0200, Nicolas Mailhot wrote: > > > > Le Lun 27 juin 2011 15:12, Miloslav Trma? a écrit : > > > > > Placing trust in the manufacturer of the hardware puts the user in no > > > worse position than they were before. > > > > I don't call placing absolute vetting power in bios writer hands "no worse > > position". I don't thing anyone can point to a "good" bios on real world > > hardware. > > I appreciate the disdain - no, really, trust me, I do - but you should > realize that SMM means you already may have no control over the machine. Well, the fact that BIOSes aren't open source means that anyway. As far as we the users are concerned, the BIOS is black box code which runs with the ultimate in administrative privileges. It could be doing _anything_ back there. SMM is a fairly standardized example of this, sure, but there's no way we can really be sure our BIOS isn't doing a zillion other 'bad things'. The point where you tip over into excessive paranoia is a bit hard to discern when you start going down this road, though... -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org http://www.happyassassin.net -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel (Log in to post comments)
|
|||||||||||||||||||