> I don't get how this is suppose to fix/secure anything. If it
> ultimately loads grub2 where is the security benefit? The infection
> point just changes.

It loads a restricted grub2 which cannot load its modules and which
loads only signed kernels.  So it is theoretically secure.  The only
"problem" would be a bug in one of many complex signed programs or the
firmware used allowing changing it.

Attachment: pgpw1EsfkCCAp.pgp
Description: PGP signature

Reply via email to