*countable infinities only

Gregory Maxwell gmaxwell at gmail.com
Thu May 31 17:10:23 UTC 2012

On Thu, May 31, 2012 at 1:07 PM, Gerry Reno <greno at verizon.net> wrote:
> Could be any of a thousand ways to implement this.
> Maybe it checks the BIOS to determine whether some SecureBoot flag is set.

While it pains me to argue with someone on my side— you're incorrect.
The compromised system would just intercept and emulate or patch out that test.

I think I gave a reasonable outline as to why this is pointless— that
the unsigned userspace will just keep reexploiting the kernel after
boot and before updates be installed.

More information about the devel mailing list