On 7/9/20 10:46 AM, John M. Harris Jr wrote:
"Secure Boot" doesn't make root non-uid 0, and can't keep root from
controlling system devices, even uploading unsigned firmware to peripherals.
While it's true that a completely secure software chain doesn't really
exist yet, we are slowly going in that direction, because it is just
inconceivable otherwise in the world with billions of autonomous IOT
devices---the consequences of a worm-type insecurity that would subvert
a significant portion of Internet-connected devices are just too scary.
For instance, one possible solution used e.g. for a secure BIOS updates
is to prevent loading firmware directly, and instead load it into a
separate flash area. Then, reset the system:
* existing certified firmware boots and finds the updated firmware
* new firmware is measured and verified
* if it passes, the old firmware copies and activates the updated firmware
So you see that you can't subvert this even with UID==0. Same thing for
controlling system devices---with secure software chain even the
applications can be certified and controlled. THis is not your or my
desktop system, of course, but there is a need for systems like this.
When I hear you say that this takes away the ownership of our computers
from us, I think that it's got to be this way for a large part of those
billions of systems---as the saying goes, we have to stop thinking of
computers as pets, and start seeing them as cattle. We can still have
pets as well, but there has to be a way to herd cattle.
devel mailing list -- email@example.com
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines