undefined | Better HN

0 pointsnickpsecurity9y ago0 comments

"..but secure boot? What possible reason could you have for being against a system that prevents bootkits from pwning your machine?"

The fact that I can do the same thing with firmware on a cheap ROM write-protected with a jumper. Additionally, the fact that there's competing I.P. in FOSS and corporate sectors for firmware that does trustworthy boot while leaving what's allowed in my control.

"In general, code signing is a Good Thing, so long as the control remains in the hands of the user."

With Microsoft and Intel style secure boot, it remains in the hands of Microsoft and Intel. And so on. Which is why we're against it.

0 comments

p_l9y ago

Except that "Setup Mode" exists and every serious computing device that uses Secure Boot provides it, because big business customers wants it.

What is "Setup Mode"? It's "load your own root of trust and wipe any preinstalled keys". Nothing, nothing says that the root of trust has to be from Microsoft or Intel (and Secure Boot specification that is tested for Windows Logo certification would reject such system unless manufactured by Microsoft or Intel).

The difference with jumper is that you have standardized APIs etc. for the signing process, including a standardized "jumper".

Karunamon9y ago

The fact that I can do the same thing with firmware on a cheap ROM write-protected with a jumper

Except secure boot isn't about firmware, it's about the code loaded on DASDs.

>With Microsoft and Intel style secure boot, it remains in the hands of Microsoft and Intel.

As long as you can program your own keys into it, I'm not sure how you come to that conclusion.

dsp12349y ago

As long as you can program your own keys into it

Is this not the definition of gatekeeper?

A system where you have to ask permission, but that permission is always granted is inherently different from a system where no permission is ever needed.

Among other things, that permission can be revoked at any time for any reason.

Karunamon9y ago

but that permission is always granted is inherently different from a system where no permission is ever needed.

Indeed. And that system, the one we've been using for a few decades leaves you vulnerable to bootkits in such a way that you'll never know you've been owned.

The PKI has to have a trust root anchored somewhere for the concept to work, and it can be anchored under your control using your keys.

1 more reply

nickpsecurityOP9y ago

"Among other things, that permission can be revoked at any time for any reason."

BOOM! They can charge you for it and they can revoke it. Many companies did "open" platforms or software that later closed things off. Plus, they get more information about you than they even need.

So, we can choose between a security standard that's in our control or theirs. And by theirs, we're talking about companies with a history of real scumbaggery. The design should default to us with no asking for permission. Numerous ones in CompSci and I.P. markets can do that. No excuse except Microsoft and Intel's profits and schemes.

j / k navigate · click thread line to collapse

0 pointsnickpsecurity9y ago0 comments

"..but secure boot? What possible reason could you have for being against a system that prevents bootkits from pwning your machine?"

"In general, code signing is a Good Thing, so long as the control remains in the hands of the user."

With Microsoft and Intel style secure boot, it remains in the hands of Microsoft and Intel. And so on. Which is why we're against it.

0 comments

p_l9y ago

Except that "Setup Mode" exists and every serious computing device that uses Secure Boot provides it, because big business customers wants it.

The difference with jumper is that you have standardized APIs etc. for the signing process, including a standardized "jumper".

Karunamon9y ago

The fact that I can do the same thing with firmware on a cheap ROM write-protected with a jumper

Except secure boot isn't about firmware, it's about the code loaded on DASDs.

>With Microsoft and Intel style secure boot, it remains in the hands of Microsoft and Intel.

As long as you can program your own keys into it, I'm not sure how you come to that conclusion.

dsp12349y ago

As long as you can program your own keys into it

Is this not the definition of gatekeeper?

A system where you have to ask permission, but that permission is always granted is inherently different from a system where no permission is ever needed.

Among other things, that permission can be revoked at any time for any reason.

Karunamon9y ago

but that permission is always granted is inherently different from a system where no permission is ever needed.

Indeed. And that system, the one we've been using for a few decades leaves you vulnerable to bootkits in such a way that you'll never know you've been owned.

The PKI has to have a trust root anchored somewhere for the concept to work, and it can be anchored under your control using your keys.

1 more reply

nickpsecurityOP9y ago

"Among other things, that permission can be revoked at any time for any reason."

BOOM! They can charge you for it and they can revoke it. Many companies did "open" platforms or software that later closed things off. Plus, they get more information about you than they even need.

j / k navigate · click thread line to collapse