On 05/31/2012 01:34 PM, Jon Ciesla wrote:
> On Thu, May 31, 2012 at 12:22 PM, Gerry Reno <greno@xxxxxxxxxxx> wrote:
>> On 05/31/2012 01:19 PM, Jon Ciesla wrote:
>>> On Thu, May 31, 2012 at 12:16 PM, Gerry Reno <greno@xxxxxxxxxxx> wrote:
>>>> On 05/31/2012 01:10 PM, Gregory Maxwell wrote:
>>>>> On Thu, May 31, 2012 at 1:07 PM, Gerry Reno <greno@xxxxxxxxxxx> wrote:
>>>>>> Could be any of a thousand ways to implement this.
>>>>>> Maybe it checks the BIOS to determine whether some SecureBoot flag is set.
>>>>> While it pains me to argue with someone on my side— you're incorrect.
>>>>> The compromised system would just intercept and emulate or patch out that test.
>>>> Then what's missing here is a way for booted OS's to test themselves for integrity.
>>> Maybe some sort of cryptographic signature stored in the hardware?
>>>
>>> <ducks>
>>>
>>> -J
>>>
>>> </sarcasm>
>>>
>> Just not dictated by one monopoly.
> Ideally, no. But you see the problem. I'm divided on the solution
> myself, but I've yet to see one I feel better about.
>
> -J
>
>

This game of cat and mouse with the blackhats is not going to end until we have some type of read-only partitions where known good code resides.
And the user must hit a hardware button to enable read-write to change anything there.

We just keep pushing these blackhats to different layers.
Next they'll be flashing our BIOSes and eliminating all protections SecureBoot and otherwise.

--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel