Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for June 20, 2013
Pencil, Pencil, and Pencil
Dividing the Linux desktop
LWN.net Weekly Edition for June 13, 2013
A report from pgCon 2013
LSS: Secure Boot
Posted Sep 13, 2012 14:44 UTC (Thu) by robertm (subscriber, #20200)
Posted Sep 13, 2012 17:48 UTC (Thu) by pjones (guest, #31722)
Posted Sep 13, 2012 18:23 UTC (Thu) by hummassa (subscriber, #307)
IOW: NOTHING will, in the end, impede malware to install bootkits/jailbreaks. :-D
This way, people are doing all this work to appease Microsoft, under risk of making people think that Secure Boot (TM) is actually secure, which will after all DIMINISH the security status of potential-botnet-drones around the world. Ah, let's not forget the privacy/liberty implications. Hmm...
Posted Sep 13, 2012 19:04 UTC (Thu) by pjones (guest, #31722)
Posted Sep 13, 2012 23:51 UTC (Thu) by hummassa (subscriber, #307)
You know, you kind of proved my point. There is NO added security, because you can always find another vulnerability in the kernel, and use that to escalate past the bootloader (like creating crafted restore-from-hibernation images) and people will act under the illusion that their systems have "added security" when they aren't, which, as I mentioned, diminishes the overall security. For instance, the crafted restore image could allow running unsigned or signed-by-the-malware-author executables or substitute key libraries.
And again, that is my point: "Secure Boot" == "fake security", which is far worse than "no security".
And worse yet: "Secure Boot" == "you are running a signed O.S. (with Defective by Design implications and I Can Phone Home and invade your privacy implications)" OR "you are running a signed (bla bla) but COMPROMISED by malware O.S."...
Posted Sep 14, 2012 12:05 UTC (Fri) by jeroen (subscriber, #12372)
Posted Sep 14, 2012 14:49 UTC (Fri) by BenHutchings (subscriber, #37955)
Posted Sep 14, 2012 20:50 UTC (Fri) by idupree (subscriber, #71169)
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds