Olav Vitters skrev 29.1.2013 14:40:
On Tue, Jan 29, 2013 at 01:38:56PM +0200, Thomas Backlund wrote:
Olav Vitters skrev 29.1.2013 13:12:
On Tue, Jan 29, 2013 at 11:11:55AM +0200, Thomas Backlund wrote:
And personally, I dont think we should ever bother with the
SecureBoot crap as its flawed in so many ways...
I quite like SecureBoot. This way you can avoid attacks on the boot
sector.
Yeah, and when MS screws up with one of the master keys
(or some hw wendor) think about the "dual-booters"
Microsft pushes revocation key through windowsupdate, and you
suddenly find out your linux wont boot anymore, beacuse the
signature that is supposed to validate your boot has been
revoked...
In which case I'd just turn secure boot off? Same for all the other
examples. Maybe it at one point it has to be disabled, but at the moment
that is not the case and it provides something useful.
and if the hw vendor has not implemented a way to turn it off...
--
Thomas
