Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
PostgreSQL 9.3 beta: Federated databases and more
LWN.net Weekly Edition for May 9, 2013
(Nearly) full tickless operation in 3.10
Present user test
Posted Oct 11, 2012 14:33 UTC (Thu) by pjones (guest, #31722)
Posted Oct 11, 2012 14:45 UTC (Thu) by pjones (guest, #31722)
Posted Oct 11, 2012 14:52 UTC (Thu) by epa (subscriber, #39769)
Clearly, if you can plug in a USB key then you have physical access to the machine. The criterion for defeating malware is surely that you can't change the bootloader without physical access. Somebody with that access could equally well install a keylogger or (in principle) just replace the motherboard with a trojaned one.
In fact, you could argue that physically plugging something in is how it should have worked from the beginning. Like an old Nintendo console, your PC or tablet device could come with a Windows cartridge installed, and if you want to boot something else you have to remove that and plug in a different cartridge (which may still allow booting Windows if you wish). Unfortunately that would make the devices a couple of dollars more expensive, so we have these shenanigans with signed bootloaders instead.
Posted Oct 11, 2012 15:09 UTC (Thu) by raven667 (subscriber, #5198)
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds