| |||||||||||||
Garrett: Secure Boot and Restricted BootGarrett: Secure Boot and Restricted BootPosted Apr 8, 2013 6:32 UTC (Mon) by mjg59 (subscriber, #23239)In reply to: Garrett: Secure Boot and Restricted Boot by paulj Parent article: Garrett: Secure Boot and Restricted Boot
I have no idea what you're trying to say here, so I'm just going to reiterate that there's no way to use Secure Boot as a DRM mechanism and if you disagree then you can describe exactly how it's supposed to work.
(Log in to post comments)
Garrett: Secure Boot and Restricted Boot Posted Apr 8, 2013 6:41 UTC (Mon) by paulj (subscriber, #341) [Link]
You recognise Restricted Boot is useful for building a DRM system (2 comments above this). You say a flag is pointless for Secure Boot, it is then equally pointless for Restricted Boot, by the very same argument. I don't even know why this flag issue was brought up (I didn't).
The fact still remains that "Secure Boot" differs from "Restricted Boot" by 1 bit of information, which is at the whim of a number of hardware vendors.
Garrett: Secure Boot and Restricted Boot Posted Apr 8, 2013 6:55 UTC (Mon) by mjg59 (subscriber, #23239) [Link]
So… you're agreeing that Secure Boot isn't useful as a DRM mechanism? Like I said, I have no idea what you're trying to say here.
Garrett: Secure Boot and Restricted Boot Posted Apr 8, 2013 7:23 UTC (Mon) by paulj (subscriber, #341) [Link]
You have said Restricted Boot is useful for a DRM system. You don't seem to quibble that Secure Boot and Restricted Boot differ by anything more significant than a bit of information controlled by the maker. I'm sure you're more than intelligent to understand what the implication is, should you be motivated to understand.
Garrett: Secure Boot and Restricted Boot Posted Apr 8, 2013 14:34 UTC (Mon) by mjg59 (subscriber, #23239) [Link]
No, I think you're going to have to be explicit about what you're saying.
Garrett: Secure Boot and Restricted Boot Posted Apr 8, 2013 18:21 UTC (Mon) by kleptog (subscriber, #1183) [Link]
Actually, I'd like clarification how Restricted Boot helps a DRM system. AFAICS it will merely lull media companies into a false sense of security because they might think it actually secures the system while it only secures the boot process.
Take any software that implements DRM, run it in a VM and you can bypass anything. You will need to arrange to run the exploit every boot though.
I find most interesting the contrast:
Securing a PC against malware - good
While these two situations are technically indistinguishable.
|
|||||||||||||