> Along with SED, I suggest that you also implement Secure Boot.
Can someone give me pointers to actually known attacks (not
hypothetical ones, which I can invent myself without much difficulty)
that would have been prevented by Secure Boot?
I can see that subverting the early boot might be a good way for
rootkits to install themselves in a way that's hard to detect and/or
remove, but it's not like there aren't plenty of other ways to get
pretty much the same result.
IOW it sounds to me a bit like putting a reinforced steel frame around
a cardboard door.
Stefan
