LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Garrett: Why UEFI secure boot is difficult for Linux

Garrett: Why UEFI secure boot is difficult for Linux

Posted Jan 18, 2012 23:04 UTC (Wed) by marm (guest, #53705)
In reply to: Garrett: Why UEFI secure boot is difficult for Linux by drag
Parent article: Garrett: Why UEFI secure boot is difficult for Linux

When I want to detect a compromised system, I can easily boot a different system from a safe media. This is easy and much more reliable than relying on secure boot features.

> Yes, ideally, you will want to only run perfectly secure applications with perfectly secure configurations and be a perfectly competent administrator.. but we know that is not going to be possible.

Still, even insecure applications can be sandboxed by the system, so that the harm they can incur is very limited.

As long as remote malware is easily able to delete all my files or upload them on RapidShare due to buggy applications, I do not really care if the rest of the OS is compromised.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds