*countable infinities only

Jon Ciesla limburgher at gmail.com
Thu May 31 17:19:49 UTC 2012


On Thu, May 31, 2012 at 12:16 PM, Gerry Reno <greno at verizon.net> wrote:
> On 05/31/2012 01:10 PM, Gregory Maxwell wrote:
>> On Thu, May 31, 2012 at 1:07 PM, Gerry Reno <greno at verizon.net> wrote:
>>> Could be any of a thousand ways to implement this.
>>> Maybe it checks the BIOS to determine whether some SecureBoot flag is set.
>> While it pains me to argue with someone on my side— you're incorrect.
>> The compromised system would just intercept and emulate or patch out that test.
>
> Then what's missing here is a way for booted OS's to test themselves for integrity.

Maybe some sort of cryptographic signature stored in the hardware?

<ducks>

-J

</sarcasm>

>
> --
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel



-- 
http://cecinestpasunefromage.wordpress.com/
------------------------------------------------
in your fear, seek only peace
in your fear, seek only love

-d. bowie


More information about the devel mailing list