From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-dev/2013-January/022200.html | 117 ++++++++++++++++++++++++++++ 1 file changed, 117 insertions(+) create mode 100644 zarb-ml/mageia-dev/2013-January/022200.html (limited to 'zarb-ml/mageia-dev/2013-January/022200.html') diff --git a/zarb-ml/mageia-dev/2013-January/022200.html b/zarb-ml/mageia-dev/2013-January/022200.html new file mode 100644 index 000000000..e1ad00e37 --- /dev/null +++ b/zarb-ml/mageia-dev/2013-January/022200.html @@ -0,0 +1,117 @@ + + + + [Mageia-dev] [council] *ping* Media query: secure boot support + + + + + + + + + +

[Mageia-dev] [council] *ping* Media query: secure boot support

+ Thomas Backlund + tmb at mageia.org +
+ Tue Jan 29 12:38:56 CET 2013 +

+
+ +
Olav Vitters skrev 29.1.2013 13:12:
+> On Tue, Jan 29, 2013 at 11:11:55AM +0200, Thomas Backlund wrote:
+
+>
+>> And personally, I dont think we should ever bother with the
+>> SecureBoot crap as its flawed in so many ways...
+>
+> I quite like SecureBoot. This way you can avoid attacks on the boot
+> sector.
+>
+
+Yeah, and when MS screws up with one of the master keys
+(or some hw wendor) think about the "dual-booters"
+
+Microsft pushes revocation key through windowsupdate, and you
+suddenly find out your linux wont boot anymore, beacuse the
+signature that is supposed to validate your boot has been
+revoked...
+
+Or a "local dos": just add a single byte to the end of some
+of the signed files/images and the signature checks fail,
+ending up with non-bootable system.... you dont even need
+to exploit it further....
+
+Or MS alters license rules around key signing, so when your
+key expires, guess what... and ms wont be in a hurry to fix
+it.... look at the time it has taken so far for linux foundation
+to try and get proper signatre key....
+
+or...
+
+There is so many fun ways to screw up this "security illusion",
+that it should be buried & forgotten already...
+
+this "secure boot" pushed by ms is also in reality a ms-restricted boot...
+
+--
+Thomas
+
+
+ + + + + + + + + + + + + + + + + + + + + + + + + +
+

+ +
+More information about the Mageia-dev +mailing list
+ -- cgit v1.2.1