> ... which is, as mentioned, not the attack that we're especially worried about.
Yea, what people implementing "Secure" Boot &c seem to be especially worried about is to enable exactly the opposite to what Corbet described in this week's LWN first article:
> It is time to pay more attention to the copyright maximalist agenda and push back. Fair use rights must be asserted where they exist and created where they don't. The business concerns of the entertainment industry should not drive the design of our systems, our networks, and our international agreements.
> the system we use to ensure the freedom of our software can also take away our freedom on other fronts if we do not pay attention. A world where our right to express ourselves is moderated by somebody else's software — usually very proprietary software — is not what we have been working for.
Boot signing -- "secure" boot -- has a deep flaw: that (practically) all software is exploitable to do something it was not meant to do, and that it will be exploited by people with enough to gain by it.