
This is not really true, of course...


Posted Jan 18, 2012 20:38 UTC (Wed) by khim (subscriber, #9252)
In reply to: Garrett: Why UEFI secure boot is difficult for Linux by marm
Parent article: Garrett: Why UEFI secure boot is difficult for Linux

As long as you have a security hole in the system, which allows anybody to get superuser rights, it matters very little if you are able to secure the boot process or not.

You assume the hole cannot be patched - why?

If you do, any malware can still gain root privileges just after bootup and hide itself from all security scans.

Not really. It's easy to create a secure update process which just checks the signature and then applies the update to your OS. Since it'll do just an update and will include a tiny amount of code, it can be made pretty bullet-proof.

This is not theory - it was checked in practice. The PS3 had extensive multiplayer protection, but eventually (after many years) it was broken. And for a relatively brief time (half a year or so) you had the ability to crack the PS3 open using a hardware token. Almost everything was compromised: hypervisor, loader, etc. Just one thing survived: the secure boot and update system. Now, a year after the release of the 3.56 firmware, various cracker sites still contain the same messages in large red letters: For those on v3.56 or v3.60 or v3.61 or v3.66 or v.400- NO Downgrade, NO Jailbreak and NO CFW!.

Sure, the fact that SONY used secure boot to protect the PS3 from its owner is despicable, but the story proves the capabilities of secure boot quite nicely.
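
Added example, not part of the comment above and not any vendor's code: a sketch of the small updater the comment describes, which checks a signature and only then applies the update, plus a version check as one assumed way to get the "NO Downgrade" behaviour. The key, version numbers and payloads are constructed, and unpadded RSA over a toy key stands in for a real signature scheme so the block runs with the standard library alone.

```python
import hashlib

# Constructed demo key: the product of two Mersenne primes, trivially
# factorable. A real updater embeds only (N, E); D stays with the vendor.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # vendor-side private exponent

def digest(version, payload):
    # The version is part of the signed data, so it cannot be edited
    # without invalidating the signature.
    data = version.to_bytes(4, "big") + payload
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def vendor_sign(version, payload):
    # Stand-in for the vendor's signing step (unpadded RSA, demo only).
    return pow(digest(version, payload), D, N)

def verify(version, payload, sig):
    return 0 <= sig < N and pow(sig, E, N) == digest(version, payload)

class Device:
    def __init__(self, version, image):
        self.version, self.image = version, image

    def update(self, version, payload, sig):
        # 1. Nothing from the package is trusted before the signature passes.
        if not verify(version, payload, sig):
            return "rejected: bad signature"
        # 2. A validly signed but older image is still refused, so a patched
        #    hole cannot be reopened by reinstalling old firmware.
        if version <= self.version:
            return "rejected: downgrade"
        self.version, self.image = version, payload
        return "applied"

def demo():
    dev = Device(7, b"image v7")                         # constructed state
    good = (8, b"image v8", vendor_sign(8, b"image v8"))
    tampered = (9, b"modified image", good[2])           # reused signature
    old = (6, b"image v6", vendor_sign(6, b"image v6"))  # genuine but older
    results = [dev.update(*tampered), dev.update(*good), dev.update(*old)]
    return results, dev.version

if __name__ == "__main__":
    print(demo())
```
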



Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds