On 05/31/2012 01:19 PM, Jon Ciesla wrote: > On Thu, May 31, 2012 at 12:16 PM, Gerry Reno <greno@xxxxxxxxxxx> wrote: >> On 05/31/2012 01:10 PM, Gregory Maxwell wrote: >>> On Thu, May 31, 2012 at 1:07 PM, Gerry Reno <greno@xxxxxxxxxxx> wrote: >>>> Could be any of a thousand ways to implement this. >>>> Maybe it checks the BIOS to determine whether some SecureBoot flag is set. >>> While it pains me to argue with someone on my side— you're incorrect. >>> The compromised system would just intercept and emulate or patch out that test. >> Then what's missing here is a way for booted OS's to test themselves for integrity. > Maybe some sort of cryptographic signature stored in the hardware? > > <ducks> > > -J > > </sarcasm> > Just not dictated by one monopoly. . -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
