On 7/10/20 8:25 AM, Nicolas Mailhot wrote:
Except that you can fix the vulnerability, push the update and prevent
the exploit, even if the vulnerability would somehow be in the boot
firmware. For the exploit to win it would have to hit the window just
after the boot, which can be prevented.
Le vendredi 10 juillet 2020 à 08:00 -0400, Przemek Klosowski a écrit :
Not quite---as I said in next sentence that you didn't include in
your quote, secure boot also tries to prevent unauthorized
That does not work either, because if your system is remotely
exploitable, it will just be remotely exploited at every boot, and
there will be nothing stored persistently for secure boot to block
(that is actually how some windows malware started to behave once
Microsoft added boot protections).
The other usual argument is that digital keys are cheap and physical
buttons or locks expensive. Well digital keys are definitely not cheap
once you count all the work to keep digital protections up to date and
bug free, and physical buttons are definitely not expensive. I have one
on every bargain-bin iot plug in my house, to authorise initial
pairing. And those buttons will keep working far after the IOT
manufacturer will have screwed up the software update part.
The marginal cost of a digital key has got to be smaller than the
marginal cost of the button. At billions of device, that's the only cost
Again, I am a hardware hacker and I hate the locked devices. But I think
the secure updates have to happen, and it turns out that there is almost
always a local bypass--JTAG, serial port, whatever. Maybe that is a
regulatory issue---like a legal requirement that manufacturers need to
publish a local unlock key/code after (or maybe even before) their
support schedule ends.
devel mailing list -- email@example.com
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines