*countable infinities only

Matthew Garrett mjg59 at srcf.ucam.org
Thu May 31 17:47:35 UTC 2012


On Thu, May 31, 2012 at 01:42:30PM -0400, Gerry Reno wrote:
> This game of cat and mouse with the blackhats is not going to end until we have some type of read-only partitions where
> known good code resides.
> 
> And the user must hit a hardware button to enable read-write to change anything there.
> 
> We just keep pushing these blackhats to different layers.  Next they'll be flashing our BIOSes and eliminating all
> protections SecureBoot and otherwise.

Platforms implementing secure boot will require cryptographically signed 
firmware updates, so the only way an attacker will be able to modify 
your system is by having physical access to the flash.

-- 
Matthew Garrett | mjg59 at srcf.ucam.org


More information about the devel mailing list