On Wednesday, August 2, 2017 at 3:15:26 AM UTC+2, Jean-Philippe Ouellet wrote: > On Tue, Aug 1, 2017 at 7:50 PM, cooloutac <raahe...@gmail.com> wrote: > > Qubes doesn't support secure boot unfortunately. I think its batshit crazy > > to consider a pc even reasonably secure without it. > > Secure boot in reality is quite far from the boot chain panacea its > name may suggest. > > If you haven't already, I'd suggest reading Joanna's "Intel x86 > considered harmful" paper [1] and checking out Trammell Hudson's Heads > project [2]. > > FWIW, the systems I currently believe have the most secure boot chains > do not involve UEFI at all. > > Regards, > Jean-Philippe > > [1]: https://blog.invisiblethings.org/papers/2015/x86_harmful.pdf > [2]: http://osresearch.net/
Hello, Suppose I want to create a secure boot chain in another way how do I do this for Qubes? As far as I can deduct from the security documents the packages are signed but the individual executables are not. Is this correct or am I making a mistake here? Thanks -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ab043313-f9f3-4808-97fa-721fc454678d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.