Fedora, secure boot, and an insecure future
Posted Jun 6, 2012 12:23 UTC (Wed) by alonz (subscriber, #815)
The security field is full of misconceptions, miscommunications, and improperly-understood ideas. This is one of the major examples: a hardware root-of-trust means that the principal who put his keys in the hardware module can trust (transitively) any software running on the device. But note that the extra security is only enjoyed by the owner of the keys—not by anyone else! So, unless you give the keys to the end-user (owner of the hardware), and trust them to determine what software is trustworthy and sign this software, you end up with a vendor-locked system. (And if you do trust the end-user, I have a bridge to sell you.)
(On the other hand, if you trust the vendor, I have another bridge…)
Secure boot is currently being sold as a magic security solution. It's not magic, and thus can't work as advertised; unfortunately, a good security solution will be more complex to engineer (and thus nobody has an incentive to develop it).
(Full disclosure: I am chief architect at a security solutions company.)
Posted Jun 6, 2012 12:29 UTC (Wed) by hummassa (subscriber, #307)
It's not security, and it's not a solution... :-) People still did not understand that there is no such thing as shrink-wrapped security?? It is a process, not a product...