On Thu, May 31, 2012 at 01:42:30PM -0400, Gerry Reno wrote: > This game of cat and mouse with the blackhats is not going to end until we have some type of read-only partitions where > known good code resides. > > And the user must hit a hardware button to enable read-write to change anything there. > > We just keep pushing these blackhats to different layers. Next they'll be flashing our BIOSes and eliminating all > protections SecureBoot and otherwise. Platforms implementing secure boot will require cryptographically signed firmware updates, so the only way an attacker will be able to modify your system is by having physical access to the flash. -- Matthew Garrett | mjg59@xxxxxxxxxxxxx -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel