1 |
On Sun, Jun 17, 2012 at 1:06 PM, Michał Górny <mgorny@g.o> wrote: |
2 |
> On Sun, 17 Jun 2012 09:55:35 -0700 |
3 |
> Greg KH <gregkh@g.o> wrote: |
4 |
> |
5 |
>> On Sun, Jun 17, 2012 at 05:51:04PM +0200, Michał Górny wrote: |
6 |
>> > 2. What happens if, say, your bootloader is compromised? |
7 |
>> |
8 |
>> And how would this happen? Your bootloader would not run. |
9 |
> |
10 |
> Yes. I'm asking what happens next. Is there an easy way to replace it? |
11 |
> Or is your computer bricked until you run some other bootloader to |
12 |
> replace the compromised one? |
13 |
|
14 |
My understanding is that there are a few options here. |
15 |
|
16 |
One is to simply re-image the system, either directly (as any vendor |
17 |
does), or after booting off of removable media. I'd have to re-read |
18 |
the spec but some of those might not require signatures, and in any |
19 |
case ones with valid signatures should be available. You can of |
20 |
course disable secure boot or go into custom mode as well which lets |
21 |
you do whatever you want until you have the system back in a bootable |
22 |
state. |
23 |
|
24 |
If you're running Windows 8 I believe they plan to have a recovery |
25 |
partition as well, which will be signed and bootable and which is |
26 |
designed to recover the OS. |
27 |
|
28 |
Rich |